script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"> google.com, pub-0949974396517105, DIRECT, f08c47fec0942fa0

What I Learned By Getting Hacked

malware warning from Google

“The Internet is the first thing that humanity has built that humanity doesn’t understand, the largest experiment in anarchy that we have ever had.” – Eric Schmidt

Most of you know by now that my website was hacked last week. You probably saw big warning screens like the one above when you tried to visit my site. And most of you have been asking what happened. So… Here’s the story: I’m traveling like crazy this month, so I had to cram most of this months blogging work into one week and a half long period in between a conference in Texas, and my trip to the Nike Young Athletes Innovation Summit in a couple of days. I was pretty stressed at how much work I had to do, but ready for the challenge.

Then – I got hacked.

I mean, majorly hacked. I had been working on a sponsored posts for Clever Girls, and took a break for lunch. When I came back to my desk, my dashboard had been replaced by a huge malware warning screen. I freaked out a bit. I’m NOT tech savvy, and am not good at troubleshooting when things go wrong. So my first step was to check in to my Facebook groups to ask for help. None of the simple solutions worked. Ugh. What to do?

“There are three kinds of death in this world.  There’s heart death, there’s brain death, and there’s being off the network.” – Guy Almes

I was already starting to get messages – emails, tweets, fb comments – asking what was going on. My next step was to call my hosting company for advice. Long story short – After 2 days of waiting, being assured that the scanning service I had purchased would find the problem, and the GoDaddy security team would help me fix it once found – I was informed that all 5 people I had spoken with had given me the wrong info. While the scanning system would assist me in finding the issue, there was no one at GoDaddy who would be helping me to fix it. Oh. My. Heck. 2 1/2 days of waiting to find out that I was still at square one?? I kind of lost my cool for awhile. Luckily for me, the uh-MAY-zing Beck Ryan from Stone Alley 4 WP came to my rescue!! {Connect with her on Facebook too – she is awesome.} Everyone has told me how super smart she is at fixing just about any WP problem imaginable – so I was so relieved to have her helping me out! She was able to login to my account, find the malware, and clean it up right away. But…. It kept coming back. Again, and again. Since Becky is pretty much a genius with this stuff, she was incredibly frustrated by this – and said she’d never seen anything quite like it. Finally, I felt bad for taking up so much of her time, and decided to look for some additional outside help.

“A blogger is constantly looking over his shoulder, for fear that he is not being followed.” – Robert Brault

At this point my Adsense account had been suspended, I had caused problems for a ton of other bloggers who were linked to me, Google had me blacklisted – and I’d missed an incredible amount of deadlines. And – I’d been online night and day, trying everything I could to get things fixed. Every time we thought things were clean, and starting to clear up – another attack would hit and knock me back down again!! But, finally, we figured out what we THINK was the trigger to it all –

The problem: ADV Plugin Scam for WP – Malware and More!

I’m always super careful about adding plugins. But, this was back at the holidays, the company had looked reputable, and I was so over-worked that I fell for this and didn’t do my research. It was supposed to be for adding ads to my site – but then I didn’t realize in the craziness of the holiday season, but I never heard from this company again, and just kind of forgot about that plugin. It was most likely the door that let the hackers into my site. From what GoDaddy told me, this malware originated in Russia – it caused my site to FILL with porn pop-up ads, and added malicious code that would attack the visitors computer. Since this was such a devastating ordeal, I have named it the Russian Porn Pop-Up Attack of 2012, to try and give it a bit of humorous side. You know, so I don’t cry when I think about it :)

The Silver Lining in the Malware Cloud

Does it seem crazy to say that while this was the MOST stressful thing that has ever happened since I’ve started this site, it also had some positives to it? Well, it did, and I want to share some lessons learned:

  • I now know SO incredibly much more about the inner workings of my site than I did before. I know what FTP is, where to login to it, and how to change my password. I know how to look at the coding in my site, and some red flags to watch for. And I know everything in my Webmaster Tools dashboard like the back of my hand!
  • I finally added some extra services to help me run my site. Things have gotten too big for me to handle it all on my own. And, since I rely on only this income to support me and my little girl – I cannot afford another crisis like this! I now have a great security company doing daily scans of my site, monitoring it for problems – as well as basic maintenance package to stay on top of updates.
  • I learned that I have an incredible group of friends and fans online! I cannot even tell you how helpful all of the tips and information you all sent me. The words of encouragement were so needed and appreciated. And to all of the other bloggers who offered assistance – You all rock. I had no idea how truly amazing the people I’ve met online really were until this crisis hit!

So – Thank you SO much to everyone for sending me the kind words, the offers of assistance, and great tips to try. Luckily, everything is FINALLY fixed, and determined by Google to be totally clean and safe again. Whew – What a week it’s been!

What to do if your site has been hacked:

Most cases of malware are pretty simple to clean up – might be a bad link in a spam comment, or an ad or button in your sidebar causing problems. But if you think you’ve been hacked, here are a few tools and resources to check out:

  1. Check out your sites health in the free security scan on Sucuri.com – it’ll let you know what types of problems your facing.
  2. If your WordPress site was hacked, this article will give you some tips on what to look for – if you’ve got some decent tech skills, you might be able to fix it up yourself.
  3. Need more help? Then check out the great services offered at Stone Alley 4 WP – she is totally affordable, and super amazing!
  4. Want to protect yourself from problems in the future? Check out this article on How to Protect Your Website from Hacker Attacks. Great tips that can help you avoid a huge catastrophe like I just went through.

Make sure to always keep your site updated with the latest versions of WordPress and each of your plugins. Be sure to use secure passwords. Be cautious in how many plugins you use, since they do add a bit of risk to your site. And if your site is more than a hobby, I recommend adding a maintenance package and security services to your site too, to make sure you have access to quick assistance if you need it.

Share your story

Have you ever had your site hacked? Any tips to share – what to avoid, how to fix it, services that rocked? Share your story in the comments – maybe it can help someone else avoid a mess too!

Thank you so much for your patience & support – I’m glad to be back!!

 

signature

Comments

  1. Never had this happen, I’m pretty new, but I really hope it never does! Congrats on getting your blog back! :0)

  2. Glad you’re back! So sorry this happened to you – what a pain!

  3. I am so glad you got this FINALLY figured out. I also appreciate the shout-outs; although I couldn’t ‘totally fix it” , I appreciate the mentions!

    • Sunshine and Sippy Cups says

      You were a ROCKSTAR Becky – and I appreciated your help SO much!! Without you, I am totally sure that this would have been even WORSE!!! :)

  4. So sorry you had to deal with this but glad to hear you are up and running. I have been hacked before on an old website I use to own. The one major tip I can give people, is don’t use godaddy. They where of no help, but they offer for you to “purchase” different services that really make no difference as they are not going to be much tech support and help you get your site back up and running. I use a hosting site now that if something happens they are right there a long the way and helpful at every turn and bump in the road. Not to mention, its 24.7 live support and no long distance number to call!

    • Sunshine and Sippy Cups says

      Ugh – That’s the same experience that I had. But they sold me on the security scan, promising that once it found the problem, they were going to help me.

      First guy – Buy this scan, it will help, and in 30 min you’ll know what’s wrong and we’ll help you fix it.

      Second guy – {2 hours later} – No, it takes 2-6 hours to start. But it’s already running, so it’ll be soon. Just wait patiently, and we’ll soon be able to help you fix it.

      Third guy – {7 hours later} – Sorry, there are no scan results, other guy was wrong. Your scan is actually scheduled to start tomorrow at 5 pm, not today. Ooops. Me – {insert crazy stressed-out rant here} – then I cancel the stupid service and decide to call someone else in the morning.

      {Next Day}

      Fourth guy – I get an email with scan results, and it says call to get assistance. I do. They say, sorry, you can’t have those results because you cancelled. So this guy – finally – is super nice. Convinces me, again, to buy the service, because it truly will help me, and allow them to fix things with me. They can’t help me until the scan is complete – but he’ll start it right away this time. I trust him. Purchase it. Set it up. Prepare to wait another 2-6 hours.

      Fifth guy – 8 hours later, no results. Call. Guy says that it IS scanning. Tries having a security person look at my site and info, they don’t see the malware right away. Says – give it a little more time. When scan is done we can help you. THEN – the email comes through on my side, scan complete! He checks it, says yep – give us just about 10 more minutes to finish looking into it. Call back in 10 min, and we’ll finally help you clear it up. YEEEESSSS!!!

      Sixth guy – I give them 15 min. Call back. Am not allowed to be transferred to Fifth guy. Says their system doesn’t work that way. Tells me that GoDaddy DOES NOT HELP PEOPLE FIX THEIR SITES. He says that the scan simply shows that Google has blacklisted me due to a malware issue. I’ll need to contact Google for details.

      Wait – What????

      I waited two full days, with no site. Constant questions from advertisers and sponsors. Waiting on this stupid GoDaddy scan – to be told that I have a malware issue? You’re joking, right?? I’m being punked??

      Nope. I say, what happened to the last guy? He JUST said to call back and they’d fix it. Sixth guy says, “I just talked to him, and he didn’t say that.” I asked how FIVE separate people could tell me the same thing, and be wrong. How could TWO people sell me the same solution, and be wrong? He pretty much laughed at me, and told me to go somewhere else.

      All that said – the next day, someone called from their security department, to find out what was going on, since I’d bought and cancelled the scan service twice. HE was amazing. Super helpful. Was pissed that the idiots that answer calls were so stupid. So, I haven’t cancelled hosting. But I might.

      Great story, huh?? And that was just the START to my giant crisis…. :)

  5. I’m so glad you figured out what the problem was! You handled it much better than I probably would have… I would have curled into a ball and cried for a day or two, lol.

    • Sunshine and Sippy Cups says

      I’m not saying that I DIDN’T do that, lol.

      There WAS a lot of crying involved.

      And maybe a couple…few…many glasses of wine :)

  6. Glad you are back and since I am new to WP I will be taking some of your advice, thank you!

  7. Glad you’re back! Plug ins scare me… that’s why I’m still on blogger ;-)

  8. Glad to see you’re back up an at ’em!

  9. Welcome back! I’m so glad you got it all worked out. And thank you for sharing your lessons with the rest of us.

  10. You are right, Becky is a total rockstar! I’m so happy you’re back in the blogosphere lady. :)

    • Sunshine and Sippy Cups says

      She definitely is – I don’t know what I would have done without her :) She might not have been able to find that root problem that was letting the hacker stuff back in – but without her help, I guarantee that this would have been even worse! Plus, just to know that there was someone there to help me was amazing! I have to think of something awesome to pay her back now….. :)

  11. It is so GREAT to see your site up and running again. What an awful ordeal, but what a great person you are to put such a positive spin on it! Hopefully you are breathing a little easier now. :)

  12. Yay! I am so glad you are back up and running! I kept Colby up-to-date every day and we were stressing with you! I love Becky! She absolutely rocks… and so do you! Ironic how we just talked about you not knowing the tech side of your blog… you probably know more than the rest of us now. ;)

  13. Thanks so much for sharing this, I really glad to hear that everything turned out ok! Becky is amazing. She is my go to person as well.

  14. I am so happy that you are back and immediately shared your story!! I started all of this as a hobby and now I’m so deep into it that I’ve thought along the lines of working from home and making income from my blog. Having said that…I have a LONG way to go before I would be able to take the plunge and do what you do. YOU are amazing!!

  15. I actually just had the same happen to me about a week ago. I referred to it as a ‘Porn-ado’ as in Tornado. It covered my site in porn, too. As a Deacon’s wife (who’s a Pastor-to-be), I was mortified. I use Blogger & they were NO help at all. I had to delete my add-ons one at a time until it finally left. Turned out to be a mal-ware/spy-bot whatever, attached to my Calendar. Oh all things, the calendar?! Yes, true story. Alot of prayer & alot a patience, but I actually still have the apology post up. I emailed it, tweeted it, Facebooked it, & prayed no one was offended. I’m glad you got yours fixed too. These are just relentless.

  16. Great to have you back Meagan! Sorry to hear about all the trouble… those feelings of being powerless are the worst!

  17. Was happy to stumble your post.

  18. So awful, but glad you made it through and lived to share your experience with the rest of us :-). Stumble-worthy post, for sure!

  19. This happened to me yesterday and O…M…G. What a nightmare. Becky is also my go-to gal, so she saved me. I also deleted some plug-ins that I wasn’t using…and I added one called Wordfence, which is ah-maz-ing for scanning and detecting corruption, etc. but this whole thing….wow, I wouldn’t wish this on my worst enemy. Well, maybe my worst, but no one else.

Speak Your Mind

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.