May 11, 2010 40 Comments

The Recent Hacks on My Site

Thanks to everyone in the world who called, texted, emailed, direct messaged, and otherwise freaked out on my behalf about my site being hacked. I’m working on the solution, which seems not to be simple, I guess, as this has been a bit of a recurring thing of late. Though I don’t really want to give out the details of what they’re doing, it’s a reasonably benign-but-annoying process, and at this point, I can fix it in a few minute’s time, when I wake up.

That last part is the tricky part. It hits when I’m asleep and then all the nicest and most wonderful people in the world contact me to tell me it’s offline. I’m so grateful for the attention and the consideration, but if ever meet the hackers, I’m going to keep them awake for a month as thanks. : )

Anyhow, I’m on it. I’ve asked a few of the great people who help me keep the site running to help. Thanks.

Related posts:

  1. 3 Recent Great Podcasts
  2. Great Site: Self-Help Tips
  3. Neat Site: Write That Down
  4. Neat Site: Write That Down
  5. Revisit Your Site Carefully

ChrisBrogan.com runs on the Genesis Framework

Genesis Theme Framework

The Genesis Framework empowers you to quickly and easily build incredible websites with WordPress. Whether you're a novice or advanced developer, Genesis provides you with the secure and search-engine-optimized foundation that takes WordPress to places you never thought it could go.

With automatic theme updates and world-class support included, Genesis is the smart choice for your WordPress website or blog.

Become a StudioPress Affiliate

  • http://www.google.com/profiles/Strodtbeck.C Charles

    That sucks! Sorry to hear you have to deal with such BS. Hope you find an easy fix soon and the culprits get 10x in return. . .

    Best of luck!

  • Hashim

    Time to hack proof my site. I've been seeing this all over lately.

  • http://buhlerworks.com/wordpress JEBworks

    Can relate. Spent a lot of hours to clean up the mess on my WP blog. Troubleshooting advice for non-geeks on their forums is sadly missing. Each link directs you to more of the stuff only coders seem to relish and understand. Finally found a year old blog post by someone who had the same virus with advice how to remove it that regular folk understand.

  • http://www.linkedin.com/in/richullman richullman

    Whattya know? This experience shows you both the best and worst of the web (sic “people”).

  • http://twitter.com/olgaLG Olga

    Well that's not very nice to do to a nice guy. Apparently they haven't been watching your videos on YouTube to see how grateful you are sir.

    Good luck getting it up to snuff!

  • http://empoprise-bi.blogspot.com/ John E. Bredehoft (Empoprises)

    Perhaps you're being hacked by an insomnia clinic? :)

    Once the issue is resolved, I hope that you'll share the technical details so that others can prevent the same types of attacks in the future.

  • Denis

    Stay strong, sleep enough! Do not tell passwords anybody. Especially those who call in the middle of the night and demand you to prove your identity.

  • http://www.lookwhatmomfound.com Rob Babiak

    That sucks. Thank goodness nice people are letting you know what is going on. Hopefully it can be easily fixed and fixed so it won't happen again. Good Luck!

  • http://www.m2osw.com Alexis Wilke

    Maybe you'd like to use a provider that takes care of the hacks for you?!

  • http://twitter.com/CharlesTaggart Charles Taggart

    Glad to hear you’ve fixed it and I like the idea of keeping those hackers awake at least a month straight!!! Maybe nails on chalk boards added to it would be good too…

    By the way, I did look in http://www.zone-h.com, which sometimes hacker groups will boast of their hacking adventures, there was none reported… When I was blamed for hacking locally, it was this site that showed it was a hacker group that had done it, then another hacker group hacked their hack…

    Again, thank you for your advice this morning, it was very good, informitive and enlightening…

    Charles Taggart

  • http://blogging.compendiumblog.com/blog/blogging-best-practices chrisbaggott

    Chris, we talked about this when you were here for Blog Indiana. What you need is a SaaS solution. Compendium. You don't do your own email, why would you do your own blog software.

  • Jeana Lawrence

    I'm so sorry that is happening to you. It's frustrating when people get their kicks out of disrupting what others are doing. I hope you get the problem solved soon.

  • http://ricnunez.com Ric Nunez

    I'm sorry to hear that, Chris. I'm hosting several pages for clients and I get scared every time something fails, but I get more upset when is somebody try to do bad. This page is your business and I can't imagine how bad it was.

  • http://www.kherize5.com Suzanne Vara

    Oh so you are saying that you do sleep? We know you appreciate everyone telling you but yeah I can see where getting ridiculous amounts of texts and calls in the middle of the night would be a problem. Sorry.

    With everything this too shall get worked out and all will be back to normal but it sucks when you get malware, a virus or hacked.

  • http://twitter.com/JOHNNYVUSA John Vito

    I'd suggest switching hosting providers. I've recently switched from your current hosting provider to Bluehost.com. Performance wise your current provider can't touch bluehost.com I see there are over 4,450 other websites on your shared server. Can't be good for performance or security.

  • http://www.ivanwalsh.com Ivan Walsh

    It’s only a matter of time before you can get Insurance for your website. Why not if it’s your business? Gap in the market?

  • http://ricnunez.com Ric Nunez

    I agree, although larger businesses have neverfail system, raid and more servers to solve this kind of issue, still a pretty big chance of failing. I read once that 70 percent of companies go out of business after a major data loss.

  • kat brogan

    the stop calling in the middle of the night part was too subtle

    i'm the only one allowed to call chris in the middle of the night
    if i call in the mimddle of the night chances are it won't be for good reasons
    it's why we keep his phone active at night
    incase i need him
    no one is going to save the world
    or take control over it in one night
    let the man sleep
    crush it.

  • http://www.ivanwalsh.com Ivan Walsh

    Hey Rick,
    Makes sense. I have some buddies in DR and that stat really holds up.

    Internal hacking and/or selling data to outsiders is another real problem for web host firms.

  • http://TheChrisVossShow.com Chris Voss

    The Worldwide Chris Brogan Website Alarm Army activated…LOL.

  • http://dannybrown.me Danny Brown

    This review of premium WordPress themes by Aaron Brazell over at Technosailor may hold the reason why you've been so prone to attacks lately:

    http://technosailor.aaronbrazell.com/2010/04/07…

    Seems Thesis doesn't have a decent security system in place, and that's seen a few sites on the framework hacked (a popular one is to have porn links in the footer, much like your last batch in the header).

  • http://www.seoconsult.co.uk Mack

    I have never heard issue in this frame work and have seen many blogs using the same, i think issue may be some where at hosting end also as well as some security holes…

    Its uses child themes with frame work and i have used it successfully

    “Thesis is one of those themes that people either love or hate. Those who love it, love it exclusively. Those who hate it, hate it with a passion. Again”

    But i seems to be like this theme

  • http://www.wholesaleinc.net/Wholesale-hiphone_c29 iphone clone

    it's why we keep his phone active at night
    incase i need him
    no one is going to save the world
    or take control over it in one night
    let the man sleep
    crush it.

  • http://johnhaydon.com John Haydon

    Yeah – when I saw that link in the upper left of your site, I was like “Jeeze – did Chris change up his business plan?” ;-)

  • http://www.brigittemehr.com Brigitte Mehr

    It happened to me not so very long ago – not good but at least I was able to learn from it and become far more secure. Great to see you have a good 'early warning' system in place!

  • http://www.gadgetforfun.com hasbulaqill

    more hacker are from nigera. beware it

  • http://www.bigpictureweb.com jlbraaten

    At some point, is it worth moving to a more secure, hosted solution, Chris? I know WordPress is great and all, but what at what point does the flexibility lose its charm in the face of security issues?

  • http://www.toddejones.net/ tejones

    I use Bluehost.com as well and I really like it. Of course, I don't have ppl trying to hack my site. At least not yet.

  • http://www.cccooperagency.wordpress.com Lynn C. Black

    Be encouraged Chris. If you weren't doing something right, you wouldn't have these “haters” or detractors coming against you. Hang in there and where there's a Will, there's a Way ;)

  • http://www.brandonburgh.com BrandonBurgh

    Hmmmm…that's too bad. I don't look forward to the pain of that when I make it big time having to deal with that type of stuff. It's good you have so many friends to count on.

    BrandonBurgh

  • John Rosa

    Totally agree with Kat and her thoughts on who can, or should reach Chris in the middle of the night directly.

    As for the hacks, can only wish there was a way to track them back and hack the heck out of their PCs until they were unusable requiring them to purchase new equipment, then we can hunt them down and prosecute them (although they are usually in another country or high school and can't be touched). Heck this way they got to eventually run out of money and then have to get real jobs. Ah, if only wishes came true sometimes. Hope it subsides Chris.

  • http://www.m2osw.com Alexis Wilke

    @John, the hackers don't use their PC to hack. To prevent a lot of the problems we're facing today, you'd need to eliminate MS-Windows, especially those from people who still use Win95/98.

    And as mentioned below, using a provider who takes care of their customers with an existing solution that they manage (instead of the blogger) is probably a better way to avoid headaches.

  • http://www.melaniekissell.com melaniekissell

    This is an insidious disease for which, I'm afraid, there's no cure. :-(

  • http://www.melaniekissell.com melaniekissell

    Oh, and a pain where a pill can't reach!

  • http://garybloomer.com/ GaryBloomer

    Chris, Way down at the bottom of your site, in tiny, tiny red type, there are the words: “sikiş sikiş izle Saç Dökülmesi ve Sebepleri” It's Turkish. You can translate it here: http://translate.google.com There's something buried in the footer. This might be a job for Chris Pearson. Hope this helps.

  • http://www.rafaelmarquez.me Rafael Marquez

    Have you thought about moving off WordPress onto some other platform?

  • http://twitter.com/PluggedInLawyer Tracy TC

    I'd be happy to hold down the hackers for you when you find them. I lost a site to their buddies. :)

  • http://www.workathomeprofiles.com greg cryns

    I think it may have something to do with your WordPress file on your server. WordPress is known for leaks.

  • http://www.yuregininsesi.com yuregininsesi

    I have never heard issue in this frame work and have seen many blogs using the same, i think issue may be some where at hosting end also as well as some security holes…

  • Pingback: 6 Ways to Protect Your Blog From Being Hacked | LatinaBloggersConnect