I’ve had better weekends. The “visitors” arrived on Thursday evening, which I’ll write about elsewhere, and on the very same day… all my websites were hacked. All of ‘em. And ain’t that a kick to the luggage?
I started receiving emails on Thursday afternoon, from people saying they were being redirected to a Russian porn site, while trying to access TheWVSR. I checked it out, and didn’t see a problem. But the messages continued to pour in, and folks were telling me it only happens when they try to reach the site through a link – like a Google search, or via a post at Facebook or Twitter.
I went to my Twitter page, clicked on a ‘New at TheWVSR’ update, and my computer was instantly thrown into crisis. All sorts of windows opened, something started downloading, I began frantically clicking Xs, and more shit began opening-up… Dammit!!
I finally got it all stopped, and ran two system scans: antivirus and anti-spyware. The antivirus program found and removed two “critical” and “malicious” files. Grrrr…
Since this was obviously happening to others, I felt confident I didn’t have a redirect virus on my computer; it wasn’t just limited to me. I wondered about Mockable, which is housed on the same server. And that turned out to be a tactical error… I foolishly did a Google search, and was redirected again – to the same Russian cul-de-sac of pornography and bad times. Another pair of system scans quarantined six(!) critical and malicious files.
This is all of my websites, I realized. All five of ’em. It’s not just a Surf Report problem, it’s apparently a full-blown server hack. So, I opened a support ticket with my hosting company, and heard nothing. I’m not the most patient person in the world, and considered calling them. But experience told me it’s better to just wait it out. Maybe they were investigating the problem, and fixing it? Ha! I was so young and naïve back then (on Thursday).
I heard nothing throughout the evening, and emails from readers continued to arrive. As you can probably imagine, my eyes were bugging out, and I was running my right hand through my hair. The “visitors” were working their unique brand of magic upstairs, as my entire secret world crumbled around me.
The next morning I had two emails from my host, but they weren’t helpful. They were blaming it all on a local redirect virus. I fired off a reply, and knew it would be hours before I heard anything further.
I went back to the Surf Report site, to see if you guys were talking about it in the comments – and it was down! Completely down. There was a FATAL ERROR message where the homepage should’ve been!! What in the log-rollin’ hell?? I had visions of a server farm in Atlanta, engulfed in flames – huge black clouds rising at a 45-degree angle.
At that point I flipped out a little, and began peppering my hosting company with frantic emails. I also sent a message to a guy in Canada who has helped me with website problems in the past. He knows his stuff, but I try not to bother him with every little thing. This one qualified, though.
The hosting company began regenerating a back-up from the previous day, which took care of the FATAL ERROR problem. But they still insinuated that the redirect problem wasn’t their issue. I wanted to rant and rave about all this, but had to keep it bottled-up. You know, because of Nancy and the gang… And do you know how frustrating it is to hold back a powerful, white-hot rant?
My Canadian friend went into the Surf Report files, and located a hunk of foreign redirect code, and shitcanned it. He told me it was definitely malicious, but could only guess how it might have been injected into my world. This is the second time something like this has happened, during the past year or so. Are those servers secure enough? It’s a damn good question.
The next morning he went into Mockable, FurtherEvidence, CrossroadsRoad, and Suggestaholic, and removed the exact same cancer cells. Five different sites, with five different username/password combos… all with the exact same hack. Bastards!
You guys don’t need to know every tiny detail of this fiasco, I don’t want to become like Lenny Bruce during the last few months when he just went on stage and read transcripts from his court appearances. But the sites were completely cleaned up – with minimal help from my host, I might add – and the next morning it RETURNED! Someone or something got into the code again, between 3 and 4 a.m., and replaced the crap that was removed.
And the top of my head nearly opened-up, like one of those flip-top trash cans with a foot pedal.
By this time Google had had enough, and listed Mockable as an “attack site.” It’s completely blocked in Firefox, IE, and other browsers. I’m going to have to jump through twenty burning hoops to get them to reconsider the classification. Adsense is threatening to close my account, because they think I’m peddling commie porn and computer viruses. It’s a freaking mess!
My Canadian friend removed the redirect code again, and so far, so good. I held my breath when I got up this morning, and checked all five sites. Everything looks OK. But it wouldn’t surprise me if it returns.
I haven’t been able to think straight during this whole ordeal. An entire weekend lost… And it’s still not resolved; I’ve got plenty of leftover problems remaining. And Mockable is at the top of the list.
I’m going to work my normal schedule this week, then Nancy and her brood will return (like bad code) on Wednesday evening. We’re going to Knoebels on Thursday — which will be interesting — and I’m going to work overtime on Friday and Saturday nights. So, you see, my whole life is upside-down. I’m working for the weekend, but the weekends are conspiring against me.
What are your current complaints? Since I’m a-bitching, it only seems right that you guys should be encouraged to do it too. Use the comments section to let it all out… Tell us about the stuff that’s pissing you off on this gloomy Tuesday.
And I’ll try not to be quite so… Gothic tomorrow.
See you guys then.