Who Was The Hacker? All Websites Hacked But Number 1 On Google!
ByHey ,
A very important post today to let you know that I awoke yesterday, switched on the lap top only to find that my blog here had been hacked!
All that you could see on the page was this!
So upon further investigation, I soon learnt that every single one of my home pages and websites had been hacked and the above message displayed!
As soon as I saw this, I panicked and immediately contacted support…………..not Hostgator Support as I should have, but my online support James Howard . Now James will testify that whenever I have an issue with my websites (and I do quite often) he is generally around to sort things out very quickly!
Sure enough, after loggin into Skype to see if James was around, he immediately sprung into action and was able to see that someone somehow had managed to log in to my cpanel or some other way, install a index.php file that was able to do this to all of my websites.
So a BIG thanks to James for helping me out with this, and taking the time, (once again) to delete the files. Somehow I think I owe James a few beers in Bristol this weekend.
So my next step was to upload all of my index.html files again, which did take a while as I had them saved all over the place, so as suggested by James, these are now nicely kept in an easy to find folder 
OK, so back online, I decided to investigate with Hostgator and of course searching for WHO the hacker who did this.
Why? I don’t know really somehow though, I knew I would be wasting my time as I am sure they had more computer knowledge than me!!!
But when I searched, I could not believe my eyes………….I had finally made it to Number 1 on google……….yes my soon to be released product simple steps to making money online had already reached number 1 on Google in Only 13 hours…………….Look!
In all Seriousness though, this really did get to me yesterday, because
1. I had planned to finish my product yesterday, but this has further been delayed because of this and plan to finish today.
2. It made me realise just how easy it was for someone to log in to my personal data. I quickly changed all of my passwords for websites and personal.
3. How I need to back up more often and strengthen the security of my business, as written by Marcus Passey recently(sorry Marcus, should have taken notice!
Just so you know, I contacted Hostgator, my hosting provider, who were as helpful as they always are, and said unfortunately there was little that they could about it, but for me to keep my passwords safe and regulary updated to stop this happening again. However we did identify the IP address of the person responsible located in Brazil, not sure that is going to do anything, but hey
All I can say is, be aware of this hack, make sure you have your passwords regularly changed and back up your work! Its a pain in the A@@@!
Take care, Talk soon
Sean
Next post, update to my progress online
21 Comments
May 3rd, 2010 at 8:50 am
Hey Sean,
Really sorry to hear about that. Its a lesson for us all.
And it always happens right at the worst time. I know how hard you
have been working on your new product so I hope that all is well.
Right. I’m off to change my passwords!
Andy
May 3rd, 2010 at 5:08 pm
Hey Sean,
What a nightmare for you!!
I am gonna make sure I change a few things around too
It’s one of those things that doesn’t really matter until a problem arises. Then we wish we’d done it earlier!
Hope you’re ok dude?!
Talk soon,
Paul
May 4th, 2010 at 1:56 am
Fortunately Paul, it didn’t turn out as bad as I thought it could have been.
All good here Paul, Hope you you are too!
Take care
Sean
May 4th, 2010 at 5:07 am
Man! I am so pissed off
it is written in your website “Muslim Hacker”, I am a Muslim and I just want to say that It doesn’t make me proud when I see those hackers that think that hacking and accessing other people personal information is something to help their religion but they are dead wrong!
I won’t enter any religious conversation but I just wanted to say that not all of us are like that!
I am sorry for your bad news and happy that you restored your website again quickly and safely
Best Regards,
Mohamed Hammad
May 4th, 2010 at 6:38 am
Hey Mohamed,
Great to hear from you!
Well, we know that this is a minority, and it did cause a little bit of pain. I respect everybody’s views on religion, politics and other sensitive views, it is just a shame that some people feel it necessary to go one step further!
Take care Mohamed, be in touch soon!
Sean
May 6th, 2010 at 8:41 am
Hi Sean
Glad you are back up and running.
My last job was working in an Infrastructure department and performing the backups. You would think I would be really proactive in doing mine. I’m afraid not, but I will get better at doing them as my blog grows!
Keep backing up
Chris
May 7th, 2010 at 8:19 am
here guys this should help
http://wordpress.org/extend/plugins/wordpress-file-monitor/
I have been hacked myself
but now I can keep an eye on all my sites
May 7th, 2010 at 12:41 pm
Hey Mick,
Its a shock but will tighten up my security.
Talk soon.
Sean
May 7th, 2010 at 12:42 pm
Hey Chris,
hmmmm, I learnt the hardway!
Take care and talk soon.
Sean
May 8th, 2010 at 3:59 pm
I had this happen several years ago and it is such a pain. I wish the internet was “vermon free” but unfortunately we have to have our guard up all the time.
Good luck with everything.
Glen
May 10th, 2010 at 3:08 am
Thanks Glen, it is a real pain, but hey, someone is going to do it. As you say, just protect all of your passwords. Cheers, Sean
May 10th, 2010 at 8:04 am
Sean,
thanks for the info…will add to my to do list for today.
Brandon
May 14th, 2010 at 5:35 am
Wow Sean
I didnt know it was that easy to hack
into a blog might have to change some
security on mine.
Glad to see you havent let them
Win keep up the good work
Matt
May 14th, 2010 at 6:07 am
Security is key now for me
Thanks Matt for dropping by
May 14th, 2010 at 2:29 pm
Hi Sean
What a story. I think it was lucky that he only changed you index files, and not deleted everything.
A reminder to us all, – make backups !
Regards
Henning
May 14th, 2010 at 3:06 pm
Thanks Henning, it coulld have been worse for sure, thank fully tho, not as bad as first thought! Talk soon.
Sean
May 15th, 2010 at 6:25 am
Sean, did you find out for sure if it was a password stealing/guessing attack or some sort of WordPress code weakness?
May 15th, 2010 at 6:30 am
I’m not entirely sure Michael, My host said it was a password weakness, still puzzled , but hey, learnt a lesson here.
If I have any more info, will let you know
Sean
May 27th, 2010 at 11:37 am
Thanks Sean, for the heads-up.
I’ve taken Michael Fallon’s suggestion (above)and installed the WordPress-File-Monitor plug-in.
Thanks again!
Jerry Cooper
May 29th, 2010 at 8:31 am
Hi Sean, really interested to read your thread on Alex’s forum and the post here.
I use Hostgator for training purposes, and my own blog, but the majority of my sites are hosted by Heart Internet.
They recently introduced a system called FTP Lock … here’s how they describe it:
FTP is locked on all accounts as standard. This is to help prevent your site being attacked. You can unlock FTP for a set period of time; we recommend that you do this only for short periods. We would advise that you prepare any changes to your website and then, when you are ready to upload it, unlock FTP for one hour. If you need longer, then please select the relevant option below. However, we would advise you to only unlock FTP for short periods.
We require this because of the many PC viruses circulating that steal passwords stored within FTP clients. We recommend that you do not store your passwords inside your FTP software for this reason. Instead, you should manually re-enter passwords each time you wish to use FTP.
Now let me say, it annoys the heck out of me if I’m working on a site and I can’t connect because it’s locked, but reading your post made me appreciate that – like Cod Liver Oil – it’s not nice, but it’s for my own good
One other thing that might help anybody concerned about loosing precious content.
I got a virus and had a complete PC failure a few months ago and it had a massive impact on my ability to work.
I back up everything on a hard drive, but I now also back up ‘in the cloud’ using a service called Humyo.com
All my stuff can now be reached via any PC or laptop (all password and security protected of course!) and downloaded from there, it’s a cheap and effective additional layer of protection … just in case
May 29th, 2010 at 10:06 am
Thanks Paul for the detailed heads up and what can be done with FTP lock, appreciate it. I am going to check out Humyo now. Thought about backing up on cds etc, but that would have got messy!
I have too much valuable information on here now, and with the lap top getting hotter and hotter and likely to die any minute, i will be over to Humyo asap!
Thank Paul, be in touch soon
Sean