There are blessings in disasters – or what to do when your website gets hacked.

by VivekaVonRosen on July 13, 2010

On Saturday my website was hacked.  It started with this email from some dude named “Info”. The subject line was:  “Are you OK?!?!”

The content read:

Hi, Im a hacker.

I dont have much time, but I saw that you remove the account that I created on your Cpanel, you know that I dont want to harm to your site.

I just want to have some space to park my domain.

But, if you annoy me, I annoy you too.

This is the first alarm.

If you dont pay attention to this alarm I will hack your site very terrible.

Well, besides having atrocious spelling and grammar skills, this guy just pissed me off!  So I went to my site:  www.LinkedIntoBusiness.com and sure enough, this lovely message came up:

Beware this message

(What happened – for those of you who understand what this means – is he went into my root file and deleted my CSS files, replacing them with this code – I think)

I freaked – and then got on Twitter.

With a little research, my friend @KurtScholle discovered the culprit’s email address was: sedghi.saeed@gmail.com (feel free to retaliate if you like) and said culprit had parked several icky sites in my hosting account @HostGator. Particularly nefarious was the fact that he had set himself up to receive all my backups – eeeeeewww  (Thank goodness I never backed anything up!)

It was only a few hours after my site was hacked that people began letting me know that many of my links were broken. (Thanks @CourtneyEngle)

  1. So the first “blessing” was knowing people actually looked at my tweet stream and bio and were clicking onto my (now inoperable) site.  They love me, they really love me!
  2. The second blessing was the number of people who jumped in to help.  Here are a few screen shots of these amazing people!  My thanks go out to: @HammyHavoc @AlexResolutions @KathyJordan @EvolutionFiles @GrandmaMaryShow @RobbNovac @A2Hosting

  3. The third blessing was the hours my friends gave me to help me out.  Every one of them free of charge. A huge special thanks to Kurt Scholle of www.webasylum.com, Richard Wright of www.WrightComputerSolutions.com and Chris Cree of www.SuccessCREEations.com (I must add here, that it only took Chris 45 minutes to decipher and fix what was a rather sophisticated hack!)  BTW – these are not just friends who had nothing better to do on a Monday afternoon – these are consummate professionals – some of the best in their fields… just sayin’
  4. Blessing number four:  This took place a few days BEFORE my web guy was going to do a major overhaul on my website – so we didn’t lose any work.
  5. Blessing number five:  I hadn’t any merchant services or product active on the site.  In fact, all my product had to go through another site and another host www.inboundmarketingproducts.com
  6. Blessing number six:  I learned my lessons, and am here to share them with you!

Lessons learned:

  • Even if someone else creates, manages and hosts your site, acquaint yourself with the CPanel.  If I went into my CPanel more than once a semester, I would have caught the squatters earlier (like in May)
  • Make sure you use a trusted host (I use, and Chris Cree recommends Hostgator)
  • If you use a WordPress based site, make sure you upload the latest version (3.0)
  • DO NOT use the generic usernames (admin, etc)
  • USE A SOPHISTICATED PASSWORD.  This is what got me – I just used numbers and letters and the password was – well – kinda obvious.  Use a unique password for all your sites and sign-ins.  Use numbers, case sensitive letters, and special characters.  Do not use a version of your name, your pet’s name, or the domain name.  Better yet – use a password generator.
  • Cultivate friends who can help in these situations – and reach out to them.
  • BACK UP YOUR DATA – not just your computer data, but your website.  Almost all hosting sites have backup options.  Use them!
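
To make the password lesson concrete, here is an added example (not part of the original post) that checks a password against the rules above and generates one that passes. The 12-character minimum, the substitution table and the list of personal terms are assumptions chosen for illustration.

```python
import re
import secrets
import string

# Constructed list: the owner's name and the domain name from this post.
PERSONAL_TERMS = ["viveka", "linkedintobusiness"]

# Common look-alike substitutions, undone before comparing (assumed table).
LEET = str.maketrans("013457@$!", "oieastasi")

def normalize(text):
    """Lowercase, undo look-alike substitutions, keep letters only."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LEET))

def check_password(password, personal_terms, min_length=12):
    """Return a list of rule violations; an empty list means it passes."""
    problems = []
    if len(password) < min_length:  # min_length is an assumed policy value
        problems.append("too short")
    classes = {
        "lowercase letter": string.ascii_lowercase,
        "uppercase letter": string.ascii_uppercase,
        "digit": string.digits,
        "special character": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append(f"missing {name}")
    # A password can satisfy every character rule and still be a
    # dressed-up version of a name or domain, so compare normalized forms.
    flat = normalize(password)
    for term in personal_terms:
        norm = normalize(term)
        if len(norm) >= 3 and norm in flat:
            problems.append(f"derived from '{term}'")
    return problems

def generate_password(personal_terms, length=20):
    """Draw from a cryptographic RNG until a candidate passes every check."""
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate, personal_terms, min_length=length):
            return candidate

if __name__ == "__main__":
    print(check_password("L1nked!ntoBus1ness#", PERSONAL_TERMS))
    print(generate_password(PERSONAL_TERMS))
```

The first call shows why character variety alone is not enough: the sample has upper and lower case, digits and special characters, yet it is still flagged as a version of the domain name.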

So my site still isn’t up to snuff, but things could have been worse – a lot worse.  What this showed me was I was being sloppy, relying too much on the knowledge of others, and not relying enough on my friends.  Now I know better.  I also know what an awesome resource we have in Twitter!

If you’ve ever been hacked, and have some advice, please let us know!


Robb Novak - SpiderFishLabs.Com July 13, 2010 at 5:40 pm

Wow Viveka, you didn’t waste any time getting through this and moving on to the “lessons learned”. Many would still be stewing and not getting anywhere.

I’m glad to see you are ok and back on the horse. This kind of hacking is really the digital equivalent of breaking into someone’s house. Even if nothing is stolen, it’s still a flat violation.

I’m glad one of the lessons learned you shared was the need for a good password system. After my number 1 pet peeve of letting kids play on the computer and wreaking havoc, my #2 soapbox is having weak login and password info. Using 1password (mac) or Roboform (pc) should imho be on everyone’s list for not only managing our sensitive data but also as a crazy password generation tool. Of course if someone isn’t that hardcore, simply using a combo of Cap and lowercase letters along with numbers with a word that is NOT in a dictionary anywhere….should do the trick pretty nicely. At least you got a good movie out of the deal huh? which leaves one question….. Action (I’m going to kill everything) or chick flick ( I just need a good cry) ;)

Chris Cree July 13, 2010 at 8:10 pm

Heya Viv! You are so right. While this was bad, it could have been much worse for you. I’ve seen several WordPress sites that have been hacked. They usually fall into a couple different categories.

1. Passwords that are way too simple and get guessed by hackers.

2. People who don’t keep their WordPress core files, themes, and plugins up to date.

Out of date code often has known vulnerabilities and I’ve even had clients where hackers gained access when a site still had an old version of WordPress but didn’t exploit their access until after the site was upgraded. Crazy.

Keeping your code up to date, using strong passwords, and performing regular backups will go a long way to preventing or at the very least minimizing potential damages from site crashes. And sites crash for other reasons beyond hackers too!

And don’t forget to back up your theme files as well as your database too!

Phil Richards July 14, 2010 at 11:40 pm

Thanks for sharing Viveka, and so sorry you have been abused in this way by such a person.

I was on Facebook the other day when a friend popped up and asked me for some money, “he” used language that was not him at all, so I cut the conversation and reported his account as hacked.

What we have experienced is a real threat, and we all need to get smarter with protecting ourselves and the platforms hopefully will do all they can to help us.

Wishing you a happy recovery for your website, and if I can help at all please contact me.

Phil

VivekaVonRosen July 16, 2010 at 1:22 pm

Thank you Phil – well – I figure part of my job is being a guinea pig for my clients – hopefully this article will keep others from being hacked!

VivekaVonRosen July 16, 2010 at 1:23 pm

Thank you – excellent advice!

VivekaVonRosen July 16, 2010 at 1:24 pm

Hah! So true. And thanks for your password generating advice! As soon as I get my mac I will invest in 1password!
Actually – I saw one action flick (Knight and Day) and one chick flick (Eclipse)!

Kurt Scholle July 16, 2010 at 3:08 pm

This was a very interesting case. Can’t believe the guy sent you an email threatening you not to interfere with his nefarious deeds.

It should be a lesson for all! Use tough keywords, make sure your files are updated often, backup your posts often.

– Kurt

VivekaVonRosen July 18, 2010 at 2:58 am

He’s an unusual hacker – more a blackmailer. Got another threat yesterday!

Brian Timmons July 18, 2010 at 4:03 pm

“Make sure you use a trusted host (I use, and Chris Cree recommends Hostgator)”

I’m thinking a trusted host would not have allowed you to be hacked in the first place. There’s lots of hosting companies out there that are way more secure than Hostgator.

VivekaVonRosen July 19, 2010 at 1:23 pm

I’m compiling a list now – who do you suggest?

VivekaVonRosen July 30, 2010 at 10:09 am

Once again Chris – thank you so much for your help! So far so good. And I will be getting 1Password to further protect myself!

Sally August 31, 2010 at 11:08 pm

Saeed Sedghi murdered his wife and turned the gun on himself in 2003. It must be a dummy account.

VivekaVonRosen September 3, 2010 at 10:54 am

That’s even creepier!
