Sep 12, 2011

Posted by in Guest Posts | 18 Comments

Hacked Websites: What It Means To You And How To Protect Yourself

Hey guys! It’s Stanley Dimitrious here to shed a little light on what has transpired here at the yummy men and kick ass chicks hangout. I know you are all pining for me to write something about me wearing leopard print undergarments and how I transformed situational responses such as: “Jason there is NO WAY I’m ever going to do that” into “Jason, it’s a little gross but I think I like it”. Today, I’m going to fill you in on hacking and the ins and outs of what it means.

When Julie showed me the email she got from Google about a potential hack and example pages of said hack I was crestfallen. I know how much work she puts into that site and the fact that it was being eaten away by hacked material gave me great concern. Often, a hacked site results in a wipe of all the content and, most dreadfully, your SQL database that holds all your posts, comments, articles, etc…

Julie’s hack involved embedded code that tricked Googlebot into indexing all kinds of movie related websites instead of the books she was blogging about. The hackers identified Julie’s site as having lots of traffic, compromised her FTP login and username and uploaded cloaked JavaScript files (Base64-encoded). Now this made it very difficult to identify, but we were able to find and destroy the breach, remove the bad files and safeguard the site from further attacks. Here are some key points to take away.

1. We were never at risk to transmit viruses to visitors of the site. In fact if we had said nothing, you, the user, would have never known. The attack was just to mess with our Google indexing, which killed Julie’s numbers for a few days, but at least Google was able to page rank Dumb and Dumber the movie review with Indian subtitles…. Fucking Hackers…

2. Remaining calm and doing research was key after all this came to light. As Julie cried softly in a corner and watched “Beaches” over and over again, I took a long look at what was going on. I used process of elimination to fix the issue. First I deleted all the plug-ins and slapped on a clean installation of WordPress. I re-downloaded the theme, which had undergone all kinds of security updates since we installed it, so I recommend updating your theme to the most current version as often as possible… Fucking Hackers…

3. Review shit that you upload to your site. Now of course, I didn’t delete Julie’s upload folder of all the images she had used since the site’s inception. What I did was move a copy of the site over to my PC desktop and browse through all the folders looking for something that “didn’t make sense”. What I did find was about 10,000 random DAT files in Julie’s August 2010 upload folder, all titled like this: oijf340j2348gfw9e4f9, and like I said, there were at least 10,000 of these files in there. The files didn’t appear anywhere else, so I cleaned the folder out and brought the edited content folder back onto the host server… Fucking Hackers…

4. Check your SQL database. Blogs and databases go hand in hand. Reviewing Julie’s site database revealed a strange entry in the WP_OPTIONS branch of the database. Luckily I was able to compare the root with my own website to determine if the entry was legit. Turns out it was not, as it housed one of those random letter / number combos in the description and didn’t match any other WP_OPTIONS entry I had seen. I deleted the entry and refreshed the database. Fucking Hackers…

5. Safeguard your site. As bad as it was going through the site trying to fix it from this hack, I can only imagine the anguish I’d feel if I learned it was hacked again. So we changed the username and password for our FTP client with our host. We also changed up the password required to log into the site itself and updated the password for the SQL database into something long hard and tough to swallow. 🙂 I mean hack into right… Fucking Hackers…
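The folder review in step 3 can be automated once a copy of the site is on your own machine. The sketch below is an added example, not something from the original post: it walks an uploads folder and flags files with unexpected extensions, random-looking names like the DAT files described above, or long Base64 runs like the cloaked JavaScript. The extension list, the 16-character and 200-character thresholds, and the sample files are assumptions chosen for illustration.

```python
import re
import tempfile
from pathlib import Path

# Assumption: the only file types this blog normally keeps under uploads.
EXPECTED_MEDIA = {".jpg", ".jpeg", ".png", ".gif", ".pdf"}
# A long unbroken Base64 run is unusual in hand-written files (heuristic).
BASE64_RUN = re.compile(rb"[A-Za-z0-9+/]{200,}={0,2}")

def looks_random(stem: str) -> bool:
    """Long, separator-free mix of letters and digits, e.g. oijf340j2348gfw9e4f9."""
    return (len(stem) >= 16 and stem.isalnum()
            and any(c.isdigit() for c in stem)
            and any(c.isalpha() for c in stem))

def scan_uploads(root: Path) -> dict[str, list[str]]:
    """Map each suspicious file (path relative to root) to why it was flagged."""
    findings = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        reasons = []
        if path.suffix.lower() not in EXPECTED_MEDIA:
            reasons.append("unexpected-extension")
        if looks_random(path.stem):
            reasons.append("random-name")
        with path.open("rb") as fh:
            if BASE64_RUN.search(fh.read(1_000_000)):  # first 1 MB only
                reasons.append("base64-blob")
        if reasons:
            findings[path.relative_to(root).as_posix()] = reasons
    return findings

def demo() -> dict[str, list[str]]:
    """Build a small constructed uploads tree (sample data) and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        month = Path(tmp) / "2010" / "08"
        month.mkdir(parents=True)
        (month / "book-cover.jpg").write_bytes(b"\xff\xd8\xff\xe0 constructed image")
        (month / "oijf340j2348gfw9e4f9.dat").write_bytes(b"constructed junk")
        # Harmless constructed payload: "QUJD" is Base64 for "ABC".
        (month / "slider.js").write_bytes(b'var p="' + b"QUJD" * 80 + b'";')
        return scan_uploads(Path(tmp))

if __name__ == "__main__":
    for name, why in demo().items():
        print(name, "->", ", ".join(why))
```

Run it against a downloaded copy rather than the live server, and treat every hit as something to look at by hand, since legitimate files can trip these heuristics too.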

And there you have it. What I just typed out took me about 2 solid days of research to do. The internet is your friend and you’d be amazed at how many good articles and walkthroughs there are online to assist you with a compromise. As well, feel free to email me with questions if you have any at jason@wdwstudios.com. Getting hacked is a shitty situation but staying calm, doing your homework and knowing how to recognise the bad stuff will get you through it in the end. Heck, it worked for Julie and me, and now she’s back up and listed on Google.

Thanks for reading and next time I’ll write about how having sex in the mountains will not only make a man a better lover but will empower him to have multiple orgasms as well.

Cheers!

Hey Guys! Julie here.  I just wanted to quickly let you know that all the work Jason did paid off, and even though Google warned that it may take weeks before my blog would be back on Google, it actually came back all clear and healthy late last week!  *throws confetti and gives Jason a big sloppy kiss*.  I really want to say THANK YOU to all of you for your support in this and a SUPER THANK YOU to Jason for all his hard work in settling this matter.  Now, if only I could figure out how to find the hackers that got into my site and hang them by their toenails…in the winter time…surrounded by polar bears…and covered in apple sauce.  I’ll get back to you if I come up with a way to make that possible.  😉

  1. Aw man, I think Jason is my hero too. That is amazing he was able to do all the work and research. I would not be able to fix it if this ever happened to me. I don’t understand a thing he did but your site looks amazing and I hope it is protected again.

    Question if you don’t mind…This recommendation “I re-downloaded the theme, which had undergone all kinds of security updates since we installed it so I recommend updating your theme to the most current version as often as possible”
    How do you know if there was a security update on your theme? I know on my BB, iPod or apps I use at work, we get a notice of some sort. Do you get a notice that the theme needs a version upgrade/update? When my email got hacked and I read on the internet, over and over again the message was to ensure that we are to update the versions because there is new protection in those updates.

    Thanks and once again I am so happy you are up again….Fucking Hackers

  2. WOW – If I have any problems, I’m running to Jason with a case of beer and leopard print undergarments. That is amazing. Even with what he said, I’d never be able to do any of it. I have no idea what a SQL database is and that it is password protected.

    So, my question deals with understanding the situation a little more. You use WordPress for your blog – what does GOOGLE have to do with any of it? What is Google indexing? And what is a SQL database?

  3. This post scares the crap out of me because I don’t understand a fraction of what he is talking about. –Telling me Check your SQL database and stuff about FTP clients…. you may as well be telling me to cure cancer.

    Scary stuff. I’m glad you got your site fixed!!

  4. Michelle – Jason is going to answer your question when he gets home from work. 🙂

    Jen – It is scary! It just goes to show you how much knowledge these mean hackers have…

    twimom227 – Anytime someone does a search on Google, Google scans the site before pulling up the results. As people were searching for my blog (or using terms that show up in my blog’s name), Google scanned it like it always does and found things that it didn’t like. Since Google is big on protecting its users, they tag and remove iffy sites from their index. Don’t matter if it’s WordPress or Blogger or whatever – it’s Google’s user protection in action that found my lovely hackers’ job.
    The Google Index is the list of sites that Google will search through when someone does a search through them.
    And the SQL database is all the coding for your site. So all your posts and images and everything all written in html code. Confusing as hell. My web space is ‘provided’ by 1&1 and through them I can access my SQL database easily. I don’t know where you would access it through Blogger though. :/
    Seriously Jen, if Jason didn’t have an idea what to do, I would have hired someone to help me. There is no way I would have been able to do this on my own. I’m sure I could have found info online on how to handle it, but there’s no way I would have understood the ‘language’! LOL

  5. I might not understand everything he is saying, but what I do know is that you are lucky to have him 🙂

  6. Julie & Jason thanks so much for sharing this with us. This is scary because it could happen to any one of us. I’m saving this and showing it to my IT guy. (My dad)

  7. To answer a few questions here.

    There really is no way to automatically know when your theme needs an updating. Best thing to do is visit the place where you got your theme and Download it again. Sometimes there is a change log that you can review to see if any changes have been made. All in all I’d refresh your theme once every 6 months as a safeguard.

    Google is the number one search engine in the world. If they decide to take your site down, it will kill your numbers and make you invisible to, well, over 85% of the Internet using world. As well it discourages others to visit your site and is overall a site killer.

    Blogger is a bit different than a personally owned site using WordPress. It would take a hack through blogger to bring a site like that down. It may have more security features but will lack the exclusivity and all the toys that you get with a personally owned website.

    As well keep my info in case you need any website saving or tweaks. It’s my part time profession and I’d love nothing more than to help you out in the event you are breached.

  8. Very informative post Jason. I’m so glad that your man was able to come to your rescue Julie! 🙂 Blog hacks are just a nightmare to deal with because we all invest so much time and effort into them. It can almost feel like a personal attack.

  9. Stanley Dimitrious you rock! And I can’t wait to read your next post “how having sex in the mountains”.
    Thank you for sharing this very valuable information, I’m talking about the hackers, not the sex in the mountains… for that one I’ll thank you when I read the post.

  10. Oh my, never knew this stuff was so serious! You got me worried Jason! Could you maybe do a short post or just share some pointers how we bloggers can do our best to make it difficult for hackers and how to protect our blogs. I mean prevention, because unfortunately I’m not as lucky as Julie and don’t know anyone as tech savvy as you who could go through the tiny details and data of my blog to find such kind of installed spam 🙁

    Thank you and glad you were able to get rid of the junk, damn hackers, hate them!!

  11. P.S. I would have a question: how did you notice, Julie, that Google blacklisted you? How can we check that?

  12. Julie and Jason, I am so sorry this mess has caused you anguish and so much work! What in the world motivates people to hack? Boredom? Unemployment? Sociopathic tendency? Whatever it is there should be a way to find these goons and stop them.

  13. Wow Stanley Dimitrious, this all sounds kinda confusing. Yet I did pick up on a few things explained. I’m so sorry that this had to happen to Julie’s site but I’m so happy that she has you to help her figure out the more technical aspects of her blog. I never would have been able to figure all of that out! 🙁 I’m so happy that everything is back up and running. Stupid Hackers! I just don’t understand them.

    P.S. Julie…I love Beaches! LOL. I don’t know if you really like that movie or if Jason…urm…I mean Stanley was just trying to be funny, but my Mom got me hooked on it. 😀

  14. Stella – we did a google search for the site and it didn’t come up. It went to a blank page at first then went to nothing at all. I don’t want you all to be scared and panic because of this post, if anything take away the need to keep your passwords changed up on a regular basis and that if in the worst case scenario something like this does happen to you, don’t panic, reach out to someone who knows what’s up (myself or your webmaster or your hosting provider) and know that the worst kinds of hacks are all fixable. Even though a lot of the jargon I talk about is a little tech heavy, it’s something that you can relay to your “knight in shining armor” if you happen to find yourself with website bobo’s

  15. Deanna – I’m sure Beaches is a great movie but I haven’t seen it. And if Julie were to watch it, it would be a ploy of mine to have my way with her once she becomes a pile of emotional goo. Apparently that’s a good thing according to the guy at the 7-11. Gotta keep it real. 🙂

  16. What a great post. Thanks Jason for helping Julie get her site back in order. It was hella nice of you to share these tips with us. Fucking hackers…

  17. Colette – Um…you may want to not show your dad the stuff about the animal print underwear… 😉

    Carmel – It does feel like a personal attack, even though you know it isn’t. But I wish for one second that whoever does this realizes that the blog/site they are hacking into is someone’s hobby or passion or livelihood! Arses…

    Stella – How I found out that I was hacked was my friend Christi, who usually finds my blog through Google, tried one day and after clicking on my blog’s name, she was brought to a white page. It happened a couple of days in a row. So I investigated and noticed that under my blog’s name in the Google results page it said ‘this site may be compromised’. That’s how I found out. But in our investigation on how to fix this, I clicked on ‘my account’ for Google/gmail and went to ‘webmaster tools’. There you can verify your blog and if Google finds something off, it will email you. I did get an email but because I didn’t go check my ‘Webmaster Tools’ ever, I didn’t know the email was waiting for me. I will now be checking regularly…

    Dot – “What in the world motivates people to hack? Boredom? Unemployment? Sociopathic tendency?” LOL Love it! I wish there was a way to track them and stop them…

    Deanna – I have watched Beaches but I don’t usually watch “crying movies”. Jason may have exaggerated that part of his post. 😉

    Jen – Yes. Totally. Fucking hackers…

  18. Thanks for the explanation Julie, will check it out as well! And thanks Stanley for the reassuring 🙂
