You Got Rid Of The Virus But Did You Stop The Hackers?

July 7, 2010

If you’ve eliminated a virus from your blog, your security may still be at risk. The trouble is, getting rid of the virus doesn’t automatically stop the hackers.

Recently this blog was one of the thousands that was infected by a malicious virus. Getting rid of the virus was straightforward but I didn’t realise that the hackers could still access my account.

It was a call from the bank fraud department that made me realise my mistake. The hackers had attempted to use a card I’d added to my hosting account. Luckily the bank noticed and immediately put a stop on the card.

When I checked my files there were dozens that ended with php-insecure, followed by a long number. Checking and deleting files was time consuming but if you miss a single one, the hackers will still be able to access your account.

If your blog has been hacked, you will want to make it a priority, to protect your own security and I’ve found the following resources useful:

WordPress Defender – 30 Ways To Secure Your Blog From Attack Anyone Can Do
Old WordPress Versions Under Attack
How To Completely Clean Your Hacked WordPress Installation
Did Your WordPress Site Get Hacked?

Did your blog ever get infected with a virus? Did you manage to stop the hackers getting back in?

Related Reading

My Site Was Hacked – WordPress FAQ
The Perfect Viral Ebook That Can Make You Money Today
Stop The Facebook Hackers
How And Why Hackers Want To Get Inside Your Machine

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks
  • email
  • FriendFeed
  • Google Buzz


22 Responses to “You Got Rid Of The Virus But Did You Stop The Hackers?”

  1. Michael VanDeMar on July 7th, 2010 9:12 pm

    Catherine, you should also read this, especially since you are hosting with GoDaddy:

    There are possibly more, non-obvious files that got hacked, and database entries as well that are not as easy to spot. Make sure you check everything.

  2. Kelvin Kao on July 7th, 2010 11:17 pm

    My blog had been hacked before but mostly that just affected my traffic, not the actual associated bank account. It took me quite a while to actually figure out the problem because the changes were made to the database, were encrypted, and weren’t visible from inspecting source code in browsers. Google’s Webmaster Tools and my own local virus scan played important roles in addressing the problem. Now I am a lot careful in keeping my blog installation version up-to-date.

  3. Water Ranks on July 8th, 2010 3:55 am

    This is really great advice, I haven’t been hacked before but I’ve only recently become serious in the internet realm of sites, before it was just hobbies and now I’m trying to get serious with it so these are great things to look out for thank you.

  4. Lillie Ammann on July 8th, 2010 6:50 am


    This is scary stuff. I haven’t had anything close to this.

  5. cathlawson on July 8th, 2010 11:11 pm

    Thanks Michael. It sounds like a lot of people are pissed off with GoDaddy. It’s a difficult situation, as my bloghost is a friend who is a third party seller for GoDaddy. When I asked GoDaddy for help, they told me to ask him but he specialises in preventing hacks, not fixing them.

  6. cathlawson on July 8th, 2010 11:12 pm

    Hi Kelvin – It definitely affects your traffic. My search traffic plummeted to nothing but it’s beginning to pick up now. Thanks for the suggestion on using Google Tools.

  7. cathlawson on July 8th, 2010 11:14 pm

    You’re welome water ranks. If you use wordpress, it’s important to update it as soon as a new version comes out. It’s easy to do that automatically from the dashboard.

  8. cathlawson on July 8th, 2010 11:19 pm

    I know Lillie – I was shocked when the fraud department called. Just as well for me that they were on the ball.

  9. Wendi Kelly on July 9th, 2010 1:30 am

    Thanks Cath for such an important post and the great resources. Not something we want to think about but something we all need to always be on guard for. I appreciate you sharing your learning with us.

  10. cathlawson on July 9th, 2010 3:29 am

    Hi Wendi – It’s one of those things you tend to avoid reading about until it’s too late. I wasn’t sure whether to write about it until I was certain I’d got rid of the hackers but I thought I better warn folk incase their bank accounts got emptied.

  11. Jannie Funster on July 9th, 2010 5:18 am

    Luckily — knocking on wood — no virus or hackers on my blog. Yet.

    I did get a message from BlueHost about 2 months ago that it was mandatory to update to a much stronger pass-word, so I am glad for that. I guess all their sites had to.

    How did the virus get into so many blogs’ codes in the first place?

    I am afraid to upgade my WP myself, that I’ll mess it up. Any suggestions?


  12. cathlawson on July 9th, 2010 9:58 am

    Hi Jannie – I’m not sure how they got in. I hadn’t upgraded WordPress on time, as it was when I wasn’t blogging but other folk say they had upgraded.

    Best to upgrade just to be safe though. The easiest way to do it is from your WordPress dashboard. I don’t know how old your WP version is but when you click on dashboard, there should be an option for updates. Click on that and it will give you an option to upgrade to WordPress 3.0.

    You will also be asked if you want to back up your files first and you should click that. It’s straightforward even for me and I’m always frightened I’ll screw up with any technology I haven’t used before. Let me know if you get stuck.

  13. Evelyn Lim on July 10th, 2010 3:35 am

    What a timely article for me! My blog got hacked last weekend. Yes, I got rid of the virus but did not know what to do thereafter. I am not very technically inclined. It is going to take me some time to figure all these things out! I appreciate your help in pointing out some useful resources! Thank you!

  14. Hilary on July 10th, 2010 6:52 am

    Hi Cath – thanks for these useful thoughts .. always good to know about .. – especially when the comments and thoughts are from friends .. I would love to be a bit more technical ..

    All the best – Hilary

  15. cathlawson on July 10th, 2010 7:52 am

    Hi Hilary – It’s worth knowing these things. I’m really not very technical at all. I just pick up stuff as I go along – usually when something drastic happens.

  16. cathlawson on July 10th, 2010 7:55 am

    Hi Evelyn – Sorry to hear you got hacked too. I hope the resources help and don’t forget to look out for files marked insecure with the long numbers on the end. I must have deleted at least 50 of them.

  17. Jannie Funster on July 11th, 2010 12:26 am

    Okay, I’ ll take the plunge. I’m still with 2.7, I think.

    My concern was the backing-up first myself, but if it’s done by clicking “yes” I guess I’ll just trust WP.

    Or maybe back-up first where I do that under my “Settings.” THEN upgrade.


  18. vered | blogger for hire on July 11th, 2010 2:49 am

    I think I would call Kim Woodbridge if I have to deal with these issues. She’s my trusted WordPress expert. Also, John Hoff is great.

  19. Firm Body Sculpting System on July 11th, 2010 9:11 am

    Wow is all I can say. A lot of the problems out there are older hacks that are still being used. The best thing for anyone is to patch your systems. They make updates for a reason but lots of people don’t update their systems. Kinda like inviting them right into you supper table if you ask me.

  20. cathlawson on July 11th, 2010 12:57 pm

    Yes – definitely do the back up thing first – just incase. It will only take you a few minutes.

  21. cathlawson on July 11th, 2010 1:00 pm

    Hi Vered – John can’t fix it – he can only protect. I thought of Kim too but on the day I first realised I had a problem it was Mother’s Day weekend and she’d put an announcement on Facebook saying she wasn’t working. So I didn’t want to bother her. When I’m done checking through all the files I think I will get her to take a look and make sure I haven’t missed anything.

  22. cathlawson on July 11th, 2010 1:04 pm

    That is so true FBS. I stopped blogging for a few months and I didn’t update WordPress. Of course I updated as soon as I came back but looking at my stats, I think the hackers got in well before then.

Content Protected Using Blog Protector By: PcDrome.