The hack
And now I know what it feels like to be hacked. Some Ukrainian middle school kid – or so I assume – trolling WordPress sites for vulnerabilities last week felt a wiggle on his line and reeled it in. He broke into the WordPress dashboard, set himself up as an all-access administrator, infected a subdirectory with malware, and shut down the site’s automated backup routine.
None of this happened to me personally, you understand, but to a client whose site I maintain, which is much worse.
Our first clue that something was amiss came in the form of an email from Google informing us that they were flagging the site as potentially harmful. This meant that anyone trying to access any page of the site would be shown a bright red warning screen instead. Very embarrassing.
So I removed the malware and the new administrator account, changed the login password and resubmitted the site to Google. 12 hours later, they’d lifted the quarantine and all seemed well, but 24 hours after that, the site was hacked again, this time taking it down entirely. Visitors now saw only white screens and arcane error messages. At least the red screens had looked like web pages, and had been in English.
As of this writing, the site is up again, but for how long? How much more of my time will this silliness suck?