WooThemes Suffers Severe Hack

Last night I noticed that WooThemes had gone offline. At the time I didn’t think much of it as every site ends up going down once in a blue moon. But then this morning I noticed it was still down and showing a cpanel holding page I knew something strange was up.

Turns out, WooThemes was targeted by a very severe and malicious hack. This attack was so disruptive that WooThemes may be offline for another couple of days while an alternative server and hosting infrastructure is put in place. This is not the first time WooThemes has been targeted. Back in December 2010, the site suffered a prolonged DDOS attack which brought the site to it’s knees for over 24 hours but this attack appears to be even worse.

I feel terrible for the WooThemes folks for the moment as this has clearly turned their business upside down not to mention the nightmare that trying to maintain customer service must be right now. That said, true to form, it would appear that the Woo team are pulling all the stops out to keep the show on the road while the main site is offline – follow ongoing service status updates here.

From a recent update:

Please feel free to direct technical support queries to [email protected] & non-technical queries to [email protected]. Our whole team is on standby there if you need us.

If you need access to your downloadable products, please ping us [email protected] & we’ll get you access to the files from our alternative storage in the meantime.

One must question what the motives behind severe attacks such as this. Normally the nature of many website hacks is simply to demonstrate the hackers skillz to their peers which while extremely annoying can be rapidly fixed. Was there a WordPress vulnerability involved in the attack? If so, this will no doubt cause ripples of concern across the WordPress community. I’m sure it’s the last thing on Adii’s mind right now but I think once normal service is resumed that some disclosure of the nature of the attack would be important to reassure customers and the WordPress community at large. I know at one point Woothemes.com was hosted on vps.net who I moved all my business away from about 12 months ago due to fears I had about their infrastructure after I had several data loss scares.

Planning a disaster such as this is extremely complex – especially for a business like WooThemes was completely relies on the web to run it’s business. I think many other WordPress based businesses could learn some lessons from this attack and take a long hard look at their Disaster Recovery plans should the worst happen.

For now, I wish Adii & Co. the best of luck getting everything back online as soon as possible and hope that there is no long term damage from this incident.


Comments

5 responses to “WooThemes Suffers Severe Hack”

  1. Gemma W. Avatar

    I hope WooThemes recover quickly. This is why I now host with WP Engine.

    1. Hey Gemma,

      WP Engine is a fantastic host. I’m sure WooThemes will be back up and running in no time.

      Ed

  2. I’ve not been working on the server, but from what we understand this was solely a server attack. Nothing to do with a WordPress vulnerability from what we’ve seen so far. We’re up initially on a new host and are working to restore everything.

    I’m sure Adii will post about it once we’re up again.

    As noted that site will house any important updates as we go, and any users can definitely contact us at [email protected] for temporary support or at support[at]woothemes.com for any other concern or well wishes. 🙂

    1. Hey Ryan,

      Thanks for stopping by and for your comment. Great to hear this is not a WP vulnerability. I’m sure there is one hell of a DB restore being done as we speak on the new server 🙂 Hope everything goes well.

      Ed

  3. […] great to see WooThemes are on course to pretty much make a complete recovery after their nightmare week last week. Not long after they came back online last week, they were hit with a pretty big DDOS attack which […]

Leave a Reply

Your email address will not be published. Required fields are marked *