This blog has been hacked.
I don’t know exactly when it happened, but I suspect it was yesterday. I think I saw it coming. The other day three new users registered to this blog as subscribers. Their email addresses were strange to me, i.e. it was the first time I had heard of them. I’m normally security (and anonymity) conscious, so I intended to reset my passwords soon because of that. However, I failed to do so because I wasn’t accessing this blog much the past days. And yesterday (I’m convinced that’s when the hacking happened), I had to spend almost the whole day in Dubai, so I hardly went online, except for the few comments that I moderated through my phone.
As I reached home last night, something nagged me to check my dashboard. There I found out that:
(a) There were already two administrators for this blog. I don’t know how that happened, but I’m supposed to be its sole administrator. Though it was too late, I immediately disabled the registration function. This bogus administrator probably used the “back door”.
(b) The permalink structure was strangely modified. Hence, if a reader tried to view a single post, there was a script above the title that said, “Parse error: syntax error, unexpected ‘”‘ in /home/witsandn/public_html/wp-includes/classes.php(108) : eval()’d code(1) : eval()’d code on line 1”. When I checked the specific PHP file, I could hardly locate the malicious code.
(c) The preceding script’s immediate effects are that the reader can’t leave comments or, worse, the site appears to be inaccessible/down.
I’m not technically literate enough to immediately fix the bugs. But instead of getting more irritated about these hackers and how to delete or modify the PHP files, I just consoled myself that I had better go back to basics rather than waste my time thinking about things that appear complicated to me. I was using one of WordPress’s old versions (2.5.2) and I never wanted to simply upgrade but to go for a complete reinstallation for peace of mind. I was thinking that if I didn’t reinstall, some files that contain malicious scripts would probably remain. After almost a couple of hours, the backing up, reinstallation and importing of old posts and comments were done. Whew.
The following day, I learned that I was not the lone victim; even the widely read TechCrunch and Lorelle were victims too. The common denominator is that we were using some of the old versions of wordpress.org (wordpress.com is different). As you probably know, wordpress.org as a self-hosted platform is widely used and one of the largest blogging engines.
I don’t know the other administrators’ reasons for not upgrading their versions. We are probably alike in some ways in my main consideration, that I didn’t want to get out of my comfort zone, i.e. I was satisfied with the old version and was also afraid that any upgrade would screw up my then layout (some themes are compatible with a certain version), etc.
I’ve installed additional security-related plug-ins. But I don’t think these will affect the functionality of the blog much. But probably, some good souls will be affected by the content protector plug-in that I activated to minimize stealing of content (you’ll see for yourself when you try to right-click the photo and other content). I don’t mind sharing of work as long as we respect each other’s copyright. 😀
Going back to being hacked, that’s a lesson learned. Whatever blogging platform we are using, we should be cautious about the obvious risks. I tell you, I cared about this, but I was really into it when it happened to me. In real life, I’m not afraid to get out of my comfort zone. But with a blog being maintained, I cared less about the upgrades because I used to think that it’s just a blog. But not anymore.
Well, when was the last time you changed your dashboard, cPanel and other login details? You know what I mean. Do it now. 😀