Haxored!

My web site has been haxored (h4x0r3d or hacked)! Not my blog, but my personal web site. I only noticed it recently, even though it looks like the site was breached in August.

Luckily, nothing was destroyed. Whoever did it, only planned to use my site as a host for infecting other unsuspecting users. They put a ton of infected files in one of the publicly accessible directories on my site. Then they submitted that address to the Yahoo search engine to get people to click on the infected files.

As I have been preoccupied with other more important things over the last few months, I did not even think of checking my site for intruders. I am renting space on a shared web server, and there is so much misconfigured software that crackers exploit the bugs in software to dump their infected files on unsuspecting users. I was able to pinpoint the exact time they gained access to my site, but could not figure out which way they came in.

I have now cleaned up my site, removing most of the old and unused files, just so I can detect another intrusion more easily. I have also setup automated tasks to run in the background and check for ANY new files that are created. If a new file gets created on my server, I will know about it. That's the beauty of computers. If something is a repetitive task, just automate it and get an email sent to you if something out of the ordinary happens.

As for my personal computer, I have two antivirus programs running and a firewall that notifies me of every new program execution. Kind of slows down the whole computing process, but prevents the baddies from getting onto my computer. A word of advice, update your virus definitions and put up those firewalls because the internet is one infested environment.