My blog was hacked. Why me?

 

My website was hacked last Friday and I felt sick to my stomach. It felt like an intruder entered my home, stole  my belongings and left me naked and vulnerable.

How could this happen to me? I’m not a corporation or a business selling products; no I’m Sonia Marsh, author and blogger who enjoys a community of people from around the world.

So here’s what happened. (I am not a professional website designer or coder who can offer technical advice.)

I logged onto my hosted WordPress website and noticed that the photograph on the most recent post on the landing page had disappeared. A black dot had replaced the photo. The photo was still on the post, so why wasn’t it being “pulled” onto the home page? (My website designer and coder had written code to do this automatically.)  I experimented uploading another photo hoping  this might be the solution. After deleting photos from my Gallery, and uploading them directly into my post, nothing worked. Within an hour or so, all photos on my home page were replaced by small black dots. I felt like my blog was slowly crumbling in front of my eyes just like the frightening photos of the Twin Towers on 9/11.

I checked all three of my domain names and my website never popped up. The directory no longer had an index file. I no longer existed on the web. As I mourned the death of my website with hundreds of posts, photos and comments gone forever, my immediate reaction was the most common one: panic, which can also be the most dangerous one. Douglas Karr explains in his article “WordPress Hacked? Ten Steps to Repair Your Blog,”

  • “Stay Calm! Don’t start deleting things and installing all kinds of crap that promises to clean your installation up. You don’t know who wrote it and whether or not it’s simply adding more malicious crap to your blog. Take a deep breath, lookup this blog post, and slowly and deliberately go down the checklist.”
  • Call your web-hosting company, if you use one, and ask them to look into it.
  • Act fast. Get immediate professional help if you don’t know how to fix yourself.

I went from panic, to mad to Gutsy, and said, “That damn HACKER is not going to get away with this. I’m not giving up after all these years of blogging, I have to get it back.”

I e-mailed my web-designer who got back to me right away and said, “Sonia, you’ve been hacked. Call your web-hosting company immediately and find out what’s going on.”

She is not a coder but put me in touch with a fantastic guy who informed me the problem lies with a script called: timthumb.php. That script had a ‘hole’ in it that would let people take over WordPress sites.

From there it infected almost every other file in WordPress, the plugins and the theme.
In order to reduce your risk here are a 5 steps to take if you use WordPress:
  1. Keep your themes and plugins updated – #1 cause of malware infections and hacks independent of any platform!
  2. Only download from reputable sources (WordPress.org).
  3. Only use plugins and themes that are being actively developed and have good, trusted reviews. Do your homework
  4. Keep an eye on WordPress security news to see if there are any issues with the plugins or themes you are using.
  5. Don’t just disable, remove any software that you’re not actively using. Just because it’s not active doesn’t mean it’s not vulnerable
I lost two pounds on Friday from nerves and not eating and had an event to attend in the evening. Fortunately, when I returned, Loren, the tech guy, left me this message.
“I pretty sure I’ve got it clean
I had to completely re-install WordPress
Delete all plugins
Re-install all plugins
clean every theme file.”

I clicked on my website: soniamarsh.com and I was back online. I celebrated with a glass of wine, and deleted a couple of plugins I don’t use. I hope this never happens to you, or to me again.

Don’t forget to change your passwords frequently.

Have you been hacked before? How did you react?

 

Above Photo Daniel Conway

 

 

Tags:

Category: Blogging-Social Media, Writing & Work

Comments (43)

Trackback URL | Comments RSS Feed

  1. Lady Fi says:

    Oh no – how terrible! Thank goodness you’ve fixed the problem.
    Lady Fi recently posted..Skeletons on the hillMy Profile

  2. So sorry to hear this, Sonia :( I can’t imagine. Thank you so much for this post and the tips, though — I’ll definitely be putting these prevention tips into action!

  3. Great tips …. we offer a service through a security company, to clean up and stop hacks on wordpress blogs.. I’m glad you had someone to help you.. let me know if I can be of help in the future..~Deb
    deb@lagniappemarketing.net recently posted..Comment on Latest Work by Meet Debbie from Lagniappe Marketing | Somewhat SimpleMy Profile

  4. Nancy Wolter says:

    Sonia, how devastating! Thank goodness your website was restored.

    • Gutsy Writer says:

      Yes, it was rather scary. I never thought I would react this way. Anyway, Loren was great to get it up and running again.

  5. Jan Marshall says:

    Sweet Sonia,I am sorry that you had trouble and I am glad it has been resolved. Do you realize you are in good company (or bad depending on your point of view about bombing anything but your computer),
    The Government’s Drone system was hacked as well.
    Now I saw a bit of good news in your distress which is mean of me but I learned how your aggravation lead to weight loss so I may get a wordpress blog as well. It is better than my system of eating as much as I can in 30 seconds with one chop stick while standing on my head, cause I’ve become very good at that! Hugs, Jan Marshall

    • Gutsy Writer says:

      Jan,

      I love your sense of humor and how you come to some wonderful conclusions. The two pounds are back, so switching to WordPress might not do the trick. How are things going for you?

  6. Gigi Ann says:

    I honestly don’t understand this hacking business. I don’t understand why they do it. Do they benefit some how, or just make a mess for you to deal with? I’m glad you got the problem ironed out, and all continues to only get better for you.
    Gigi Ann recently posted.."The Season of Second Chances" ReviewMy Profile

  7. Gutsy Writer says:

    Gigi Ann,

    Nice to hear from you. I am not sure, but one reason I mentioned I’m not selling products is that sometimes hackers can divert traffic to their sites and get customers that way. As I said, I’m not an expert, but that could be one reason.

  8. That’s crazy! I’m glad you got it all worked out!
    Jennie Bennett recently posted..Book Review – Beholders: InsightMy Profile

  9. That’s awful – I have never heard of this! Glad you took charge!
    I’ve Become My Mother
    I’ve Become My Mother facebook
    Kelly Lininger recently posted..A Day In My Teenage Daughter’s LifeMy Profile

    • Gutsy Writer says:

      Thanks Kelly. I’m glad I had professional help. I notice you use blogger which I used to have too. Just read your post on your daughter’s schedule in high school. Shall comment on your blog.

  10. You have written about one of my fears, Sonia, so I will bookmark this artice – just in case. Thanks so much for being so informative. I’m glad you made it through – your blog looks great!

    • Gutsy Writer says:

      Gail, I thank you for your support and I do hope it never happens to anyone else. It truly is scary.

  11. barbara says:

    What a nightmare! I’ve considered going back to WP but maybe I’ll just stick w/ blogger.

    So happy you got it fixed, but feel bad you had so much stress. I would have too!
    b

    • Gutsy Writer says:

      Barbara,

      You and I think alike and I can imagine you’d feel the same way as I did.
      Thanks. It felt like a miracle when Loren said he got my files back. I just wish I knew how to do it myself.

  12. PeterH says:

    Glad to see all now ok. It is not a nice feeling, and I had my e-mail hijacked once before and am now quite careful about these issues.

  13. Sonia,

    I’m so sorry this happened to you! I’m so sad that there are people who are so desperate themselves that they hack other peoples’ sites for kicks or whatever.

    Thanks for getting a handle on this so quickly and sharing the essentials to do list with us.

    I’ve only been hacked on twitter and FB and that was enough for me!
    Sandra / Always Well Within recently posted..Open Your Heart and Drink!My Profile

    • Gutsy Writer says:

      Sandra,

      Thanks. I know you put a ton of effort into your blog and so can relate. The FB and Twitter hacking must have been scary too. I wonder if this happened at the same time.

  14. Your post gave me the shivers! I can well imagine the panic you must have felt. Thanks for all the info!
    Miss Footloose | Life in the Expat Lane recently posted..Expat Life: Oh, the Places You’ll Go!My Profile

    • Gutsy Writer says:

      Plus its cold in Moldova, as you said, so you must have wrapped an extra blanket around you Miss Footloose.

  15. Stephanie says:

    One of my websites was hacked too a while ago. It’s upsetting and frustrating – and completely pointless. All it does is cause a lot of extra work and worry. I’m so sorry it happened to you. Put it behind you and carry on being Gutsy. I’m sure it will never happen again, especially if you now take those precautions you listed.
    Stephanie recently posted..Guinea-Pig Gardeners of Les FragnesMy Profile

  16. Gutsy Writer says:

    Stephanie,

    Was yours WordPress? How many websites do you have?

  17. Kelli says:

    Things like this make me soo angry! WHY WHY WHY are people such terds?

    So glad you got back online and everything was saved!!!!!
    Hugs from DK !
    Kelli recently posted..Soroptimist Herning turns 40!My Profile

  18. Thanks for sharing this info. It sucks big time to be hacked, but I’m glad you shared this info so others, including myself, can learn a few things. I hadn’t thought of plugins being such a big security hole.
    Eric | Eden Journal recently posted..I Need Your Help to Test Techinques for Falling AsleepMy Profile

  19. Gutsy Writer says:

    Eric,

    Nice to meet you.
    Yes, plugins need to be removed if not used.
    Sonia

  20. Penelope J. says:

    Sounds awful. Never heard of a blog being hacked before. Didn’t even know that could happen. Why on earth? Loved that you went from Panic to Mad to Gutsy. Glad you were able to solve it.

    I have a WordPress blog though before I start blogging again, I plan to completely update/redesign and maybe have a separate one linked to website blog. Therefore, thanks for the advice that should serve me well in setting up defenses against such an occurrence.
    Penelope J. recently posted..Never Give Up on Your DreamMy Profile

  21. Gutsy Writer says:

    Pennie,

    I wasn’t sure what you meant by having a separate blog linked to your WordPress blog. Do you want two blogs?

  22. Penelope J. says:

    No, same blog but two venues. It was a suggestion another blogger made that would make it easier for me to manage it rather than as part of the website. But have to consult with someone in the know first.
    Penelope J. recently posted..Never Give Up on Your DreamMy Profile

  23. Barb says:

    Oh goodness, you have my sympathy. Never happened so far here, although Ihave had a hotmail addressed hacked – someone sent messages out as me

  24. Wow! You have my sympathy. Thanks for the adise, although I hope I’ll ever need it. Have been out of town, but haven’t forgotten your qustion about a Gutsy friend. May have something.
    Dee FitzGerald recently posted..The O’Reilly FactorMy Profile

  25. Amanda says:

    wow – i’m so sorry this happened sonia. but it sounds like you trusted your gutsy self and got it figured out — good for you!

    (p.s. thanks for calling last week – i really enjoyed our conversation!)
    Amanda recently posted..Goddesses in the Dirt: Our Lady of Perpetual Fear, Pain and Suffering… just to name a fewMy Profile

    • Gutsy Writer says:

      Hi Amanda,

      Yes, but I needed help too. Enjoyed speaking about the headaches that all writers seem to face when rewriting, restructuring, etc., with you.

  26. sandy a says:

    I am a little late seeing this, but one of my friends had her domain stolen and bits and pieces of her website lifted and placed in other websites. She is a free-lance magazine journalist, interviewing rock bands and writing critiques of music.

  27. Gutsy Writer says:

    Hi Sandy,

    That sounds terrible. How scary for her and I am shocked that someone can steal a domain name. Is she still writing?