Ned Desmond shares the scary story of how a small site he managed that advertised fishing expeditions ended up with 565,192 scam pages. He also suggests five ways to avoid the same fate.
Cape Cod guide Eric Staplefield didn't even have e-commerce on the site. Most of it was pictures of fish that his guests had caught. Desmond brushed off the first few calls from Eric about the site. But when he took a look, Google clearly thought the site was compromised.
Next I got in touch with Jennifer Zelazny, the WordPress developer who set up the site and had worked on it from time to time. She agreed to dive in. What she found was nasty. Hackers had accessed the site either directly through WordPress or through a plug-in on the site. She found at least 20 suspicious WordPress core files. There were also non-core files on the site with file names like “list.php” and “apis.php,” which to an average user might not have raised any red flags. Their names looked typical, but the time stamps were all recent — since July 2016 — and upon further inspection revealed redirects to other sites. She deleted the files, reset passwords, updated the secret keys in the wp-config, cleaned up other valid files with malicious code and then ran scans with Exploit Scanner and Sucuri SiteCheck scanner to ensure she found every bit of malware.
• How hackers turned a Cape Cod fishing guide’s site into a host for e-commerce fraud (Ned Desmond / TechCrunch)
Image: Moyan Brenn
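The triage described in the quoted passage (ordinary-looking PHP files with recent time stamps that turn out to contain redirects) can be sketched as a script. This is an added example, not code from the article or from the developer; the redirect patterns, the sample file contents and the `shop.example` host are constructed assumptions, and only the July 2016 cutoff and the `list.php`/`apis.php` names come from the text.

```python
import os
import re
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Redirect indicators (assumed heuristics; legitimate code can match them too).
REDIRECT_PATTERNS = [
    re.compile(rb"header\s*\(\s*['\"]\s*Location\s*:", re.I),
    re.compile(rb"(?:window|document)\.location(?:\.href)?\s*=", re.I),
    re.compile(rb"http-equiv\s*=\s*['\"]?refresh", re.I),
]

def triage(root, cutoff):
    """Map each flagged .php path (relative to root) to its list of reasons."""
    flagged = {}
    for path in (p for p in Path(root).rglob("*.php") if p.is_file()):
        reasons = []
        if path.stat().st_mtime >= cutoff.timestamp():
            reasons.append("modified-since-cutoff")
        body = path.read_bytes()
        if any(p.search(body) for p in REDIRECT_PATTERNS):
            reasons.append("redirect-code")
        if reasons:
            flagged[str(path.relative_to(root))] = reasons
    return flagged

def demo():
    """Build a constructed sample tree and triage it against 1 July 2016."""
    cutoff = datetime(2016, 7, 1, tzinfo=timezone.utc)
    old = datetime(2015, 3, 1, tzinfo=timezone.utc).timestamp()
    new = datetime(2016, 8, 15, tzinfo=timezone.utc).timestamp()
    samples = {  # name: (constructed content, mtime)
        "index.php": (b"<?php echo 'Fishing trips'; ?>", old),
        "list.php": (b"<?php header('Location: http://shop.example/'); ?>", new),
        "apis.php": (b"<?php echo 'ok'; ?>", new),
        # Old time stamp but redirect code: an intruder can reset mtimes.
        "gallery.php": (b"<script>window.location = 'http://shop.example/';</script>", old),
    }
    with tempfile.TemporaryDirectory() as root:
        for name, (content, mtime) in samples.items():
            path = Path(root) / name
            path.write_bytes(content)
            os.utime(path, (mtime, mtime))
        return triage(root, cutoff)

if __name__ == "__main__":
    print(demo())
```

Files flagged for both reasons deserve the first look; a redirect hit alone still needs a manual read, because WordPress core itself issues redirects.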