2. Another on the domain registrar account which allowed to transfer control of the domain. This allows to change nameservers and any other domain records.
It was awful when it happened to me 20 years ago, and they're way more important than me, so they get my deepest sympathies and hope they figure out how to stop it happening again. However, I'm surprised that more hacking isn't happening.
Not sure what protections they had (if any) so hard to speculate on what attack vector was used.
Generally speaking, a standard install of WordPress on a shared hosting account or even VPS isn’t very secure at all, especially if updating core and plugins is lax.
You know Consortium News was doing good work to bring on the ire of the hackers... You gotta wonder if they have a Mosad connection.
Looks like two seperate attacks:
1. One on the WordPress site;
2. Another on the domain registrar account which allowed to transfer control of the domain. This allows to change nameservers and any other domain records.
It was awful when it happened to me 20 years ago, and they're way more important than me, so they get my deepest sympathies and hope they figure out how to stop it happening again. However, I'm surprised that more hacking isn't happening.
Not sure what protections they had (if any) so hard to speculate on what attack vector was used.
Generally speaking, a standard install of WordPress on a shared hosting account or even VPS isn’t very secure at all, especially if updating core and plugins is lax.
I'm not a techie but it happened to me on Wordpress. At the end of it all, if someone or a group is determined to destroy, it will happen.