DISCOVER Magazine. Science, Technology and The Future
Bad Astronomy

I’ve been hacked

Golram, I hate frakking hackers.

I’ve been hacked, with some jerkwad putting tons of dirty links into my content to point to his site. The links are set up in such a way that they never get displayed in my blog; they are in the content but don’t appear in the actual entry when you read it. They probably did this to get links to their site from highly-placed sites (that can be valuable when people search Google for certain search terms).

I believe this was done before I upgraded to a newer, more secure version of WordPress. I have edited a few entries, but there are lots with this garbage in them. If you subscribe to my blog through an RSS feed or via email, you may be seeing a flood of posts as they are edited. My apologies. Believe me, you’re not nearly as put out as I am.

*^@$#&#*$^@#* hackers.

Update: I think I caught it all, and deleted the bad stuff. I’m very very sorry if this put anyone out.

Update 2 (Saturday March 3): I have cleaned everything up and upgraded the software as well. This should be the end of it…


March 1st, 2007 2:26 PM by Phil Plait in About this blog, Piece of mind

27 Responses to “I’ve been hacked”

  1. GreyDuck Says:
    March 1st, 2007 at 2:33 pm

    Razzafraggin’… man, that sucks.

    What version were you on previously, if I may ask?

  2. The Bad Astronomer Says:
    March 1st, 2007 at 2:37 pm

    2.0.9 or something like that. Let this be a lesson: stay up to date.

  3. Ray Gray Says:
    March 1st, 2007 at 2:41 pm

    So sorry to hear about this unwarranted invasion of your content.

    Every time a generous person attempts to provide a growing service to others some unknown envious or greedy person plants weeds.

    Keep working on your security and look for someone to proofread all of your updated code.

    Good luck….

  4. GreyDuck Says:
    March 1st, 2007 at 2:56 pm

    Outstanding. 2.0.9 is the latest in the 2.0.x series, and I’ve been leery of going to 2.1.x. Looks like I don’t have a whole lot of choice in the matter, eh?

    I just love enforced upgrades…

  5. The Bad Astronomer Says:
    March 1st, 2007 at 3:21 pm

    Yeah, and I have quite a few hacks to keep track of when I upgrade, so it’s a major pain. I wrote up a list of files I’ve changed so I can do it more easily in the future.

  6. Jordan Says:
    March 1st, 2007 at 3:30 pm

    Hey Phil,

    I’m usually not opposed to random pornography, but that’s too bad about the dirty links. I’m glad you got it straightened out.

    Also, is that really you on the Skeptics’ Guide to the Universe boards? As a skeptic I like to verify these things.

    - Jordan

    P.S. I can’t WAIT to hear Part 3 of your debate with Joe Rogan!

  7. k-man Says:
    March 1st, 2007 at 3:48 pm

    Hi Phil,
    If I may ask – how did you discover that you’d been hacked? I’ve been putting off my own WP upgrade for some time, and even now I’m not sure when I’m going to get time to do it. I’d like to know what I should keep an eye out for.

    thanks!

    - k-man

  8. The Bad Astronomer Says:
    March 1st, 2007 at 3:51 pm

    I check inbound links every day to see who’s linking here. The vast majority are from Google searches, and the search terms are in the URL. Let’s just say I caught a search where the terms were not so appropriate for this blog.
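
The check described in this comment (reading the search terms out of inbound referrer URLs and noticing ones that do not fit the site) can be automated. The following is an added example, not code from the blog or its author; the `q` query parameter, the sample referrers and the topic word list are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample: Referer values as they might be pulled from an access log.
SAMPLE_REFERERS = [
    "http://www.google.com/search?q=saturn+cassini+images",
    "http://www.google.com/search?q=moon+hoax+debunked&hl=en",
    "http://www.google.com/search?q=cheap+pills+online",
    "http://example.org/blogroll.html",   # ordinary inbound link, no search terms
    "-",                                  # no referrer sent
]

# Assumed vocabulary for the site's subject; in practice it would be built
# from the words used in the site's own posts.
ON_TOPIC = {"saturn", "cassini", "moon", "hoax", "astronomy",
            "images", "debunked", "telescope"}


def search_terms(referer, param="q"):
    """Return the lowercased search words carried in a referrer URL, or []."""
    query = urlsplit(referer).query
    values = parse_qs(query).get(param, [])   # parse_qs decodes '+' and %xx
    words = []
    for value in values:
        words.extend(re.findall(r"[a-z0-9]+", value.lower()))
    return words


def off_topic_referers(referers, vocabulary, min_overlap=1):
    """Flag search referrers whose terms share fewer than min_overlap
    words with the site's vocabulary. Referrers without search terms
    are skipped, since they say nothing about what was searched for."""
    flagged = []
    for ref in referers:
        words = search_terms(ref)
        if words and len(set(words) & vocabulary) < min_overlap:
            flagged.append((ref, words))
    return flagged


if __name__ == "__main__":
    for ref, words in off_topic_referers(SAMPLE_REFERERS, ON_TOPIC):
        print("review:", " ".join(words), "<-", ref)
```

A flagged referrer is only a prompt to inspect the stored content of the page it landed on, since the injected links described in the post are not visible in the rendered entry.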

  9. Scott Says:
    March 1st, 2007 at 4:13 pm

    I work in the adult Internet industry and unfortunately this sort of thing happens a lot. The reason that Phil is targeted like this is because of his popularity. Going to just anyone’s blog and inserting keyword rich links won’t do much for someone, however going to a site that is popular (meaning it has a good PageRank, many return links from other high PageRank sites, etc) and inserting this content will give the hacker’s site artificial relevance in the search engine. One of the things that those of us in the industry who don’t use these “black hat” methods have implemented is the hand entry verification code. Go to geektools.com and use their whois service…you’ll see you have to type in a word that is randomly generated in an image. This drastically cuts down on these types of attacks.

  10. TheBlackCat Says:
    March 1st, 2007 at 4:29 pm

    This happened to talkorigins a little while ago as well. They didn’t find out until Google sent them a somewhat ambiguous notice that they had been delisted for violating Google’s TOS.

  11. k-man Says:
    March 1st, 2007 at 4:37 pm

    Thanks, Phil – I’ll take a look and see if I’m getting the same thing. My site is nowhere near as popular as yours, so hopefully Scott is right in that I won’t be as attractive a target.

  12. David Vanderschel Says:
    March 1st, 2007 at 5:44 pm

    There are many people, including myself, who once proudly called themselves “hackers”. Hacking at computers was not assumed to be malicious. The preferable term for a hacker up to no good is “cracker”. Please, Phil, try to avoid further demonizing of the term “hacker”. The information one gets trying “hacker” at Answers.com does try to clarify what has happened, though the unfortunate more recent malicious interpretation is admitted among the first set of definitions. (I suppose because this misinterpretation of the word has become distressingly common.) Nevertheless, there are good reasons to avoid reinforcing the malicious interpretation – especially since an adequate substitute, “cracker”, does exist.

  13. spacewriter Says:
    March 1st, 2007 at 5:51 pm

    Phil,

    Something similar happened to me, only it was a jerk going through and putting porn links in comments. I had to go into Haloscan and ban a bunch of IP numbers…I don’t have near the visitors you do, but I still get the dirty diaper bunch coming in and messing things up sometimes.

  14. Drbuzz0 Says:
    March 1st, 2007 at 6:54 pm

    Wow. That really sucks. I’m just glad that you got everything back up and running. I doubt it was a real hacker though. Real hackers aren’t in it for f****ng up websites like this, but might go after RIAA or something like that. At least… that’s how it once was. Probably a script kiddie or poser or something.

  15. Scott Says:
    March 1st, 2007 at 7:47 pm

    These aren’t hackers in any sense of the word…in the industry we call them link spammers. No real complex knowledge is needed to do this…it’s a simple PHP script that crawls Google looking for blogs, checks them for security holes, and then spams their comments and such with links. So all you hackers can breathe easy…these aren’t hackers or even crackers…just an ugly cousin called a spammer.

  16. Sue Mitchell Says:
    March 2nd, 2007 at 5:19 am

    Da-shiang bao-tza shr duh lah doo-tze!

  17. The Tarrkid Says:
    March 2nd, 2007 at 5:32 am

    My company is dealing with someone trying to get into our elearning server through SSH – we’ve got a software update scheduled for next weekend, and for right now, we’ve changed the SSH port on him – he hasn’t found it yet.

    Hackers – er – CRACKERS (though I suspect you guys are losing that semantic battle) should get the same types of punishments that I feel we should dole out to rapists and child abusers and people who scam money out of nice old ladies by selling them naming rights to stars.

  18. gopher65 Says:
    March 2nd, 2007 at 7:02 am

    The Tarrkid: And people who talk in movie theatres!

  19. spacewriter Says:
    March 2nd, 2007 at 7:42 am

    And preachers who sell prayer towels and other unbelievable political and pseudo-religious nonsense to people who can least afford it.

  20. Irishman Says:
    March 2nd, 2007 at 8:02 am

    Sue Mitchell, do you actually know what you posted? Is it something safe for a “child-friendly” board? I don’t just mean American child. You know there are children who know Chinese. ;-)

  21. Sue Mitchell Says:
    March 2nd, 2007 at 8:57 am

    LOL! Yes, Irishman, I know what I posted, agus tá sé fliuch agus salach, just like the hacker. ;-)

  22. Gary Ansorge Says:
    March 2nd, 2007 at 9:12 am

    Was watching Future Cars last night. One of the new research tools described was a glove that provides tactile feedback to the wearer, so they can feel the shift knob, steering wheel and turning forces required. How much longer will it be until the porn industry incorporates this into their virtual world???

    As an aside, this (glove) is exactly what I’ve been looking for, for my teleoperated robot, so I can feel how much torque is required to turn screws, knobs, etc while building a power sat from the comfort of my living room,,,

    Gary 7

  23. Scott Says:
    March 2nd, 2007 at 9:37 am

    That glove is just around the corner….they were in to see us about 4 months ago…it’s not quite cheap enough to be a viable consumer product yet…but it’s coming.

  24. Kristopher Says:
    March 2nd, 2007 at 10:19 am

    MMMmmmmmm …. virtual nipple tweaking …….

  25. firehawk Says:
    March 3rd, 2007 at 4:04 am

    If you haven’t seen it yet:

    WordPress 2.1.1 has also been hacked!

    http://wordpress.org/development/2007/03/upgrade-212/

  26. gopher65 Says:
    March 3rd, 2007 at 4:13 am

    Gary Ansorge … too late… ;) . I was reading a preview of a porn game the other day and it comes with …. err… wireless USB accessories.

  27. Thorin Says:
    March 5th, 2007 at 1:01 pm

    Further to firehawk’s warning:

    http://www.theregister.ca/2007/03/05/wordpress_hack/

  • Kalmbach Publishing Co.

    Copyright © 2012, Kalmbach Publishing Co.