A cryptocurrency-mining bot brute-forced into my WordPress site

Someone brute-forced into a client’s WordPress site and added cryptomining JS. Good thing they knocked down an HTML div on their way out!

Yesterday, at my parents’ cabin outside Stockholm, me and my father were having an office session after breakfast. Me procrastinating thesis work, him doing whatever he was doing. At one point he needed to check something on the website of FactWise, a company where he is involved.

The website didn’t appear as it should. The carousel in the footer was broken and the subsequent contact details bar had been pushed off to the side.

Broken design

The FactWise website is one of the first I’ve made, at least counting those which are still up and running today. Dad had a friend do the design, and I turned the PSDs into a WordPress theme and set it all up on shared hosting. It’s not beautiful but it works – kind of.

When dad showed me the buggy appearance, I was running out of other things to do instead of studying, so I started looking into it immediately. My first guess was that a stylesheet ref was broken. I looked through the Network tab in Firefox Developer Tools to find any 404s, but what I found was something else.

Duplicated id="x" in WP Meta Boxes

I am building a very minimalistic calendar plugin for WP (an idea that doesn’t seem to turn out very well so far), and I got a cryptic JS error when adding jQuery datepicker saying “a is undefined”. I debugged this for a good two or three hours, until today I tried replacing the minified datepicker.js file with source code.

The error turned out to be caused by the same HTML id being assigned to a meta box div as well as to a custom field.

// Registers the meta box; the first argument becomes the id of the wrapping div.
function transparentcalendar_add_meta_boxes() {
    add_meta_box( 'transparentcalendar-time', __( 'Calendar', 'transparentcalendar' ), 'transparentcalendar_meta_box_time', 'post' );
}

function transparentcalendar_meta_box_time( $post ) {
    $time_current = transparentcalendar_post_get_time( $post->ID );

    // Bug shown here: the input reuses the id already given to the meta box div above.
    // The stored value is escaped with esc_attr() before it goes into the attribute.
    echo '<div class="form-field">
        <label for="transparentcalendar-time">' . __('Time', 'transparentcalendar') . '</label>
         <input id="transparentcalendar-time" name="transparentcalendar_time" type="text" size="20" value="' . esc_attr( $time_current ) . '" class="datepicker">
    </div>';
}

I have learned these two simple things:

    • Get an HTML validator browser plugin; with one I might have noticed the duplicated id earlier
    • Use a dev version of WP when developing, as it uses non-minified JS
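
A scripted version of the first lesson, as an added example that is not part of the original post: it scans rendered markup and reports every id used by more than one element. The names `findDuplicateIds` and `SAMPLE` are assumptions, and the sample HTML is constructed to resemble the meta box output above.

```javascript
// Added example: report every HTML id that is used by more than one element.
// Regex-based scan, adequate for checking rendered markup; not a full HTML parser.
function findDuplicateIds(html) {
  const seen = new Map(); // id -> [{ tag, line }]
  // Match an opening tag and capture its name and its attribute text.
  const tagRe = /<([a-zA-Z][\w-]*)((?:\s+[^<>]*?)?)\/?>/g;
  // id="x", id='x' or id=x; the leading whitespace keeps data-id and similar out.
  const idRe = /\sid\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/i;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const idMatch = idRe.exec(m[2]);
    if (!idMatch) continue;
    const id = idMatch[1] ?? idMatch[2] ?? idMatch[3];
    // 1-based line number of the tag, for finding it in view-source.
    const line = html.slice(0, m.index).split("\n").length;
    if (!seen.has(id)) seen.set(id, []);
    seen.get(id).push({ tag: m[1].toLowerCase(), line });
  }
  const dupes = {};
  for (const [id, uses] of seen) if (uses.length > 1) dupes[id] = uses;
  return dupes;
}

// Constructed sample: roughly what the edit screen contains for the meta box above.
// The outer div carries the id passed to add_meta_box(); the input reuses it.
const SAMPLE = [
  '<div id="transparentcalendar-time" class="postbox">',
  '  <div class="inside">',
  '    <div class="form-field">',
  '      <label for="transparentcalendar-time">Time</label>',
  '      <input id="transparentcalendar-time" name="transparentcalendar_time" type="text" class="datepicker">',
  '    </div>',
  '  </div>',
  '</div>',
  '<div id="submitdiv" class="postbox"></div>',
].join("\n");

console.log(findDuplicateIds(SAMPLE));
```

Giving the input its own id (and pointing the label's `for` at it) makes the report come back empty.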