I have been hacked

This post is part of a series called Updates South America
Show More Posts

Well not me personally – but my blog has been hacked. If you have noted that the blog looked a bit odd in a few days, then it is the explanation.

Wednesday last week, I got some mails in my mailbox with the below content, mails you just don’t want to receive and besides it was automatic generated mails that could not be answered.

Unfortunately, we have just been forced to temporarily close … .. because the product is the cause of problems on our server (s). The site is sending thousands of emails, and is probably hacked ………. There may be more files than just the above! Note this problem is solely due to the content of your product, and not a problem from the server side. Please solve the problem as soon as possible. Once done, please contact our support so we can reopen your product.”

First I panicked a little, thinking  😡 – Fix the problem, how on earth do I do that. The file names also mentioned in the mails, was pure gibberish to me and I had no idea whether it was new files, or they were used somewhere in the setup. The next thing I considered, was whether I was now going to lose it all. What exactly has been hacked. There are many components in addition to my own database so – HELP

I still had access to the files they referred to. But weather they could be deleted or not, I had no idea and how many others would there be?

My hosting company does have support service, but before I had got around to send a mail to them, they had left for the day – (4 hours ahead of me). Luckily I found a little guidance on their website. Among other helpful information, they mentioned they had 30 days of backup and for an reasonable amount, they could help get the blog restored. BIG SIGH of relief – so far so good, so I went to bed hoping it could be fixed.

I woke up early the next morning and immediately checked, if there was an answer to my mail. There was, so we got the process started, and before I had to leave  about 12:30, the site was restored and my password changed.

There was just one issue. They had tried to restore the backup from Jan. 1, as I had requested, since it would include my latest posts. Unfortunately it was not enough, so they took the oldest backup, fortunately after more mails back and forth, they suggested to restore the latest version of my database, and with that, I got everything back, except the photos. Compared to all my thoughts when I got the mails, I think it was an easy escape.

There were a couple of other hick-ups, not least because of the bad internet here, but now it is all back again and even more.

I thought the site was safe, but apparently not, so I have now changed passwords anywhere and installed a lot more security programs. Now I just need to get rid of my paranoia of it happening again.

I’ve just checked IP addresses for logins on the blog, and far more than half of them are being blocked by my security programs. In addition, I see a lot of attempts to login as an administrator. I think it’s the same person or a robot launched by the same person. The login are from IP addresses from many different countries around the world, but because, it is by the same user name, it is recognizable. Now they are blocked on all the used addresses, but there are still a huge amount of ​​countries left, so I expect there will be a lot more attempts from this user. It is really frightening and annoying that someone uses their time making so much crap. It makes you really want to speak up very loud: For Christ sake get a real life and use your skills on something sensible👎. I know it doesn’t help. For the moment, it seems to be a very popular job, not least in Russia – and yes – the hack of my blog could also come from there, but it’s only a guess. The system blocked logins comes from anywhere in the world.

There were times during these days where I was ready to give up having a blog, but I will try a little longer, so if you have a little more patience, you will be able to read about my visit in Buenos Aires and Patagonia.

Leave a Reply

Your email address will not be published. Required fields are marked *