
This is what happens when a website gets compromised - cret
https://news.netcraft.com/archives/2017/05/31/stanford-uni-site-infested-with-hacking-tools-and-phish-for-months.html
======
mysterydip
I've known about webshells and their insidiousness for a while now, but
haven't seen a real in-the-wild example before. The level of professionalism
and sophistication in monetization techniques is really quite interesting
(assuming you're not the victim).

~~~
technion
The thing is, if you've been exposed to running web hosting servers - I see
the sort of thing detailed in this blog multiple times a day.

The thing I don't see however, is a fully updated Wordpress instance
compromised (assuming there are no plugin issues). It's a shame the article
seems to attribute the root cause to "hacking tools" which presumably only got
there after a deeper incident.

