dharma monkey

embrace the monkey

Your site’s been hacked? Not mine!


Well actually, it was my site that got hacked by some happy joy-killers in Russia. A couple months ago, I tried pulling up my site from a friend’s house when his Windows Live OneCare jumped into the middle of the screen to say my site had a Trojan virus.

WTF? I thought. Not possible.

It took another month or so before I was able to figure out that folks in Russia had exploited the ability to upload photos in my Coppermine directory to drop veiled code in several spots throughout my WordPress templates and style sheets. They used a java script code called unescape that basically takes a Web address like hackme.russia/stealmydata.i’madumbass/takemycarkeys,too and scrambles it into a mish-mash of unintelligible symbols and random letters.

So there it was, all over my site, and I didn’t even know it. Thankfully, I learned. I deleted Coppermine, changed the permissions on every single file and directory on my site to read-only and changed my passwords.

Since all this went down, Google has gotten involved, red-flagging my site via stopbadware.org (props to them, by the way, for trying to eliminate this kind of stuff). I’m now awaiting a review from Google after having followed their instructions to sanitize my site. So if you’ve been caught in all this stuff, my apologies. And, I should note, lesson learned on my part.

Author: Sean

I am Sean, a writer/PR guy originally from the Rural South who grew up and settled down in Washington, D.C. My interests include local politics, Eastern philosophy, languages and reality television.

Leave a Reply

Required fields are marked *.

This site uses Akismet to reduce spam. Learn how your comment data is processed.