"No tears, no glory": Rebecca, webmaster, traces attack to her site
From StopBadware.org...
The webmaster of a site that was hacked to distribute badware has teamed up with a volunteer on the StopBadware discussion forum to trace the hack through her site, and share her story with others. Rebecca the webmaster and Jart the volunteer hope their case study of the cleaning and securing of Rebecca’s site can help educate other webmasters about dealing with attacks and the bad code and backdoors hackers can leave behind.
Rebecca first learned that something had happened to her site when a badware warning appeared in search results for the site on Google. Following Google’s pointers to StopBadware’s Security Tips, Rebecca checked her site and found hidden iframes she knew she hadn’t inserted. She removed the iframes, but was surprised to learn that the issues on her site went even deeper.
With the help of StopBadware volunteer Jart, Rebecca uncovered subtler hacks, including SQL injections and administrator accounts that gave unknown parties full access to her site. Rebecca outlines the various steps Jart helped her through to determine the extent of the damage to her site, and to regain control by securing the site against future attacks. Now Rebecca is learning from Jart so that she too can help others clean and secure their sites.
The quick case study is well worth the read for any webmaster, whether or not their site has been hacked. Thanks, Rebecca and Jart, for sharing it with us!
The webmaster of a site that was hacked to distribute badware has teamed up with a volunteer on the StopBadware discussion forum to trace the hack through her site, and share her story with others. Rebecca the webmaster and Jart the volunteer hope their case study of the cleaning and securing of Rebecca’s site can help educate other webmasters about dealing with attacks and the bad code and backdoors hackers can leave behind.
Rebecca first learned that something had happened to her site when a badware warning appeared in search results for the site on Google. Following Google’s pointers to StopBadware’s Security Tips, Rebecca checked her site and found hidden iframes she knew she hadn’t inserted. She removed the iframes, but was surprised to learn that the issues on her site went even deeper.
With the help of StopBadware volunteer Jart, Rebecca uncovered subtler hacks, including SQL injections and administrator accounts that gave unknown parties full access to her site. Rebecca outlines the various steps Jart helped her through to determine the extent of the damage to her site, and to regain control by securing the site against future attacks. Now Rebecca is learning from Jart so that she too can help others clean and secure their sites.
The quick case study is well worth the read for any webmaster, whether or not their site has been hacked. Thanks, Rebecca and Jart, for sharing it with us!