At 2:03 a.m. Pacific time, a computer somewhere in the Ukrane arrived on The 3/50 Project website…but not as visitor. Sixty seconds later, every single page of the site had been hacked, loaded up with dozens and dozens of lines of code pointing to pharmaceutical websites of less than reputable stature.
We were hacked.
The good news is all this did was add “garbage” content to each page-—some visible, some only found in results on search engine sites (and believe me, “garbage” is a much kinder word than I’ve been muttering under my breath all day). Essentially, they wanted to borrow our audience and ride our coattails.
Cretins.
The better news is that the garbage has been hauled out and unceremoniously dumped in a virtual trash can. The pages are back to squeaky clean condition, with the exception of the individual states’ supporters pages that need some more loving care to return the graphics to their normal spots.
The very best news is that no private information is stored on that server, so nothing sensitive was at risk. At least nothing more sensitive than my pictures from Beijing last May (big thrill for me, but not so much for them).
No viruses involved-—just some creeps who think it’s okay to spray paint all over someone else’s house in the middle of the night. Rest assured, we’re safe. We’re sound. And we’re loaded up with a truckload of additional security.
Sorry for the stunned “Huh???” moment some of you experienced when visiting the Supporters page only to be met with several dozen drug site links. Not quite the experience we intended to offer.
Click here to tell me what you think....
The exact same thing has happened to my website hosted with Inmotionhosting. My website is a flower shop and I have to wait until Tuesday November 17th to clean up all this drug crap as I have no access to my home computer. Meanwhile, we have lost our great top page Google rankings for Florist in Minneapolis and a lot of our pages are totally filled with drug company no prescription needed crap. I could use some Children’s chewable morphine right about now. Any tips other than deleting the crap and reposting each page? Thank you!
Laura
Chez Bloom
A great Minneapolis florist not a pharmacy!
Editor’s note: If you caught the hack early (ideally, within 12-24 hours of what it happened), the host can replace your hacked pages with clean ones from the backup. If, however, an automatic backup has occurred since that hack, well…that copy’s “dirty” too. If this is moving you down the Google search, odds are, it happened quite some time ago (drats!).
Either way, you’ll need to:
(1) Update your current software, including FTP upload programs, site building programs, and anything made by Adobe–even if is has nothing to do with your website.
(2) Re-save your pages on the computer after installing all patches and updates.
(3) Re-upload all pages, including those not hacked…don’t forget your index page, if you use it as an redirect.
Where did the hackers get our passwords? According to InMotion, from a vulnerability in Adobe Acrobat, even though the program wasn’t used in creating any of my sites. Besides, my Adobe products automatically check for and install updates daily. Doesn’t make sense to me, but I’m not a programmer.
Initially, I also wondered about the security of my FTP upload programs, since, sometimes, site updates are done on the road. The snag? One of the three sites that was hacked hadn’t been updated in several months, and then, only from a very, very secure location. Couldn’t be FTP security.
I’ll drop you an email so we can compare notes. Maybe, between the two of us, we can find an overlap that shines some light on where the holes were. Hang in there!