{"id":5923,"date":"2014-07-07T12:43:25","date_gmt":"2014-07-07T16:43:25","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=5923"},"modified":"2014-07-07T12:43:25","modified_gmt":"2014-07-07T16:43:25","slug":"one-of-my-sites-got-hacked-and-its-my-own-fault","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/07\/one-of-my-sites-got-hacked-and-its-my-own-fault\/","title":{"rendered":"One of my sites got hacked, and it&#8217;s my own fault"},"content":{"rendered":"<p>It started with a text message from my wife: &#8220;ZATZ site hijacked by nasty porn.&#8221; This is not exactly the message you want to get at 6pm on July 3rd. I had been planning on beginning my holiday weekend with a prolonged sittin&#8217;-on-the-couch-watchin&#8217;-TV night, but that was not to be.<\/p>\n<p>Instead I&#8217;d be doing porn removal, which took until about 2am.<\/p>\n<p style=\"text-align:center;\"><a href=\"http:\/\/www.zdnet.com\/one-of-my-sites-got-hacked-and-its-my-own-fault-7000031269\/\"><img data-recalc-dims=\"1\" height=\"343\" width=\"200\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/2014-07-03-21-39-45-200x343.jpg?resize=200%2C343\" alt=\"\" \/><\/a><\/p>\n<p>Image courtesy scammers. Image sanitized for your protection.<\/p>\n<p>The thing is, I know better. In fact, sometime in the middle of 2013, I made a decision which led directly to my couchless July 3rd. I pretty much knew it would reach out and bite me, and it did.<\/p>\n<p>Here&#8217;s what happened. In today&#8217;s world, all Web sites are moving targets. It&#8217;s always an arms race between Web site operators and the spammers and scammers out there who want to use them for anything from malware distribution to automated referrals to porn sites.<\/p>\n<p>Because it&#8217;s an arms race, it&#8217;s up to the Web site operators to constantly update their sites, update the server software running on their sites, and update their protection systems. Failure to do all of these leaves the chance that bad guys will find a loophole, and tunnel their way in.<\/p>\n<p>That&#8217;s what they did on my site. What happened is they embedded a redirect message into just the mobile version of the site. As a result, if I visited the site via my desktop browser, everything looked fine. But if you visited the site via a mobile browser (as my wife did on Thursday while at Sam&#8217;s Club, when she was updating our business membership), you&#8217;d find that criminals had gotten into the site&#8217;s code and replaced it with a redirect to the porn site.<\/p>\n<p>This was fully preventable.<\/p>\n<p>And yes, I understand the irony of a cybersecurity expert getting hacked. It&#8217;s like the old story of the barber who never cuts his own hair. While I would never advise anyone to leave a site untouched, there is one difference between Mr. Highfalutin Cyberwarfare Advisor being hacked and a regular Web site operator: I do know how to fix it. That said, mitigation sucks, especially when it gets in the way of a planned night off.<\/p>\n<p>Here&#8217;s how we got to this point. The ZATZ site is no longer actively updated. It was a highly visited site back in the day, but since I&#8217;ve moved on with my career from entrepreneur to advisor, columnist, and educator, the thousands of ZATZ articles are really now just an archive. We don&#8217;t get any advertising income (although some old ads are still running on the site), and I rarely spend any time there.<\/p>\n<p>It is a WordPress site. A few years ago, I moved it from UserLand Frontier to WordPress, specifically because of the high level of support available in the WordPress world. There is one disadvantage of WordPress though: given that a huge number of sites run WordPress, it&#8217;s also a very visible target for hackers.<\/p>\n<p>There are a wide variety of ways to harden a WordPress site, including using a many different security plugins. The ZATZ site was hardened, and it did use the security plugins.<\/p>\n<p>So where did I go wrong, and why was it my fault?<\/p>\n<p>While there are many things you should do to keep a WordPress site from being hacked, there is one golden rule (and it&#8217;s the one I violated): always keep WordPress up to date. This includes updating the WordPress core, any themes you use, and any plugins.<\/p>\n<p>I didn&#8217;t do this. Around August of last year, I made a ruthless prioritization decision: leave the Web sites alone and work on other stuff. I sometimes have to be ruthless about how I prioritize my time, and this was a big one. I knew there was a chance of hacking, but I just didn&#8217;t want to spend a weekend every few months fiddling with the site. I had an overwhelming amount of other things going on, and this just wasn&#8217;t as important.<\/p>\n<p>Full Story: <a href=\"http:\/\/www.zdnet.com\/one-of-my-sites-got-hacked-and-its-my-own-fault-7000031269\/\" target=\"_blank\">One of my sites got hacked, and it&#8217;s my own fault | ZDNet<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It started with a text message from my wife: &#8220;ZATZ site hijacked by nasty porn.&#8221; This is not exactly the [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6,7,9],"tags":[342,655,1194],"class_list":["post-5923","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","category-software","tag-exploits","tag-malware","tag-web-site"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1xx","jetpack-related-posts":[{"id":9804,"url":"https:\/\/nccomputertech.com\/techtalk\/2024\/11\/08\/maximum-iceland-scenario-data-caps-3rd-party-android-stores-nuclear-amazon\/","url_meta":{"origin":5923,"position":0},"title":"Maximum Iceland Scenario &#8211; Data Caps, 3rd Party Android Stores, Nuclear Amazon","author":"NCCT","date":"November 8, 2024","format":false,"excerpt":"https:\/\/youtu.be\/P5MkCwktKz0 Data Caps, 3rd Party Android Stores, Nuclear Amazon \u2022 Google must crack open Android for third-party stores, rules Epic judge \u2022 Google asks 9th Circuit for emergency stay, says Epic ruling \u2018is dangerous\u2019 \u2022 Canceling subscriptions is about to get easier \u2022 The FCC is looking into the impact\u2026","rel":"","context":"In &quot;Software&quot;","block_context":{"text":"Software","link":"https:\/\/nccomputertech.com\/techtalk\/category\/software\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/P5MkCwktKz0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9446,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/12\/03\/friends-in-bikinis-this-week-in-tech-695\/","url_meta":{"origin":5923,"position":1},"title":"Friends in Bikinis &#8211; This Week in Tech 695","author":"NCCT","date":"December 3, 2018","format":false,"excerpt":"https:\/\/youtu.be\/puMBVNv91ZU - Black Friday was Amazon's biggest sales day ever - Marriott Hack hit half a billion Starwood guests for 4 years - Indian Microsoft scammers busted - Amazon's new machine learning racecar, quantum blockchain, and more from re:Invent - When is Amazon rolling out Prime Health? - UK grabs\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/puMBVNv91ZU\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9403,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/10\/01\/older-than-the-mini-jack-this-week-in-tech-686\/","url_meta":{"origin":5923,"position":2},"title":"Older Than the Mini Jack &#8211; This Week in Tech 686","author":"NCCT","date":"October 1, 2018","format":false,"excerpt":"https:\/\/youtu.be\/a2BeanU0FsU Facebook breach, Elon\u2019s costly tweet, Google turns 20, and more. --How to tell if your Facebook account is one of the 50 million that were hacked this week --Why the founder of Instagram left Facebook --\"Funding secured\" tweet costs Elon Musk his chairmanship and $40 million --Google turns 20\u2026","rel":"","context":"In &quot;Social Media&quot;","block_context":{"text":"Social Media","link":"https:\/\/nccomputertech.com\/techtalk\/category\/social-media\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/a2BeanU0FsU\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9450,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/11\/20\/are-passwords-immortal-security-now-690\/","url_meta":{"origin":5923,"position":3},"title":"Are Passwords Immortal? &#8211; Security Now 690","author":"NCCT","date":"November 20, 2018","format":false,"excerpt":"https:\/\/youtu.be\/mOSTtkK7vy0 Pwn2Own, the Future of Passwords. -- All the action at last week's Pwn2Own Mobile hacking contest -- The final word on processor mis-design in the Meltdown\/Spectre era -- A workable solution for unsupported Intel firmware upgrades for hostile environments -- A forthcoming Firefox breach alert feature -- The expected\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/mOSTtkK7vy0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9335,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/04\/29\/this-week-in-tech-664-warm-tushie-tech\/","url_meta":{"origin":5923,"position":4},"title":"This Week in Tech 664: Warm Tushie Tech","author":"NCCT","date":"April 29, 2018","format":false,"excerpt":"https:\/\/youtu.be\/ImbCQ9LqcAo Sprint and T-Mobile make it official. Amazon, Google, and Facebook all have amazing quarterly earnings reports. Amazon's home robot and the battle for smart home supremacy. Facebook's community guidelines. Golden Gate Killer found with open source DNA site. Who wants Snap's second generation Spectacles? Apple's rumored AR\/VR headset. What\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/ImbCQ9LqcAo\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9343,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/27\/this-week-in-tech-668-how-many-cups-in-a-stone\/","url_meta":{"origin":5923,"position":5},"title":"This Week in Tech 668: How Many Cups in a Stone?","author":"NCCT","date":"May 27, 2018","format":false,"excerpt":"https:\/\/youtu.be\/i1oqaFyVcQ0 --The FBI wants you to reboot your router right now. FBI agents have gained control of a huge Russian botnet. If your router is affected you just need to reboot it. --Facebook and Russian ads - how should government react in the age of cyber warfare? --Amazon sells facial\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/i1oqaFyVcQ0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5923","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=5923"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5923\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=5923"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=5923"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=5923"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}