Ned Desmond shares the scary story of how a small site he managed that advertised fishing expeditions ended up with 565,192 scam pages. He also suggests five ways to avoid the same fate.
Cape Cod guide Eric Staplefield didn't even have e-commerce on the site. Most of it was pictures of fish that his guests had caught. Desmond brushed off the first few calls from Eric about the site. But when he took a look, Google clearly thought the site was compromised.
Next I got in touch with Jennifer Zelazny, the WordPress developer who set up the site and had worked on it from time to time. She agreed to dive in. What she found was nasty. Hackers had accessed the site either directly through WordPress or through a plug-in on the site. She found at least 20 suspicious WordPress core files. There were also non-core files on the site with file names like “list.php” and “apis.php,” which to an average user might not have raised any red flags. Their names looked typical, but the time stamps were all recent — since July 2016 — and upon further inspection revealed redirects to other sites. She deleted the files, reset passwords, updated the secret keys in the wp-config, cleaned up other valid files with malicious code and then ran scans with Exploit Scanner and Sucuri SiteCheck scanner to ensure she found every bit of malware.
• How hackers turned a Cape Cod fishing guide’s site into a host for e-commerce fraud (Ned Desmond / TechCrunch)
Image: Moyan Brenn
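The triage described in the excerpt (ordinary-looking PHP files outside the expected set, recent time stamps, redirects inside) can be sketched as a small scanner. This is an added example, not code from the article or from the tools it names; the redirect patterns, the `known_files` allowlist and every sample path and URL are assumptions constructed for illustration.

```python
import os
import re
import tempfile
from datetime import datetime, timezone

# Assumed heuristic (not from the article): common ways a PHP/HTML file redirects.
REDIRECT = re.compile(
    rb"header\s*\(\s*['\"]Location:|window\.location|http-equiv\s*=\s*['\"]?refresh", re.I)

def find_suspects(root, cutoff, known_files=frozenset()):
    """Flag .php files that match at least two of the three indicators."""
    suspects = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".php"):
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            reasons = []
            if rel not in known_files:
                reasons.append("not in known-file list")
            if os.path.getmtime(path) >= cutoff.timestamp():
                reasons.append("modified since cutoff")
            with open(path, "rb") as fh:
                if REDIRECT.search(fh.read()):
                    reasons.append("contains redirect")
            if len(reasons) >= 2:
                suspects.append((rel, reasons))
    return sorted(suspects)

def demo():
    """Scan a constructed sample tree; every path and URL below is made up."""
    cutoff = datetime(2016, 7, 1, tzinfo=timezone.utc)
    old = datetime(2015, 3, 1, tzinfo=timezone.utc).timestamp()
    new = datetime(2016, 8, 15, tzinfo=timezone.utc).timestamp()
    samples = {
        "index.php": (b"<?php require 'wp-blog-header.php';", old),
        "wp-login.php": (b"<?php header('Location: /wp-admin/');", old),
        "wp-includes/list.php": (b"<?php header('Location: http://shop.example/');", new),
        "wp-content/apis.php": (b"<script>window.location='http://shop.example/'</script>", new),
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, (body, mtime) in samples.items():
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(body)
            os.utime(path, (mtime, mtime))
        return find_suspects(root, cutoff, known_files={"index.php", "wp-login.php"})
```

Modification times can be reset by whoever wrote the file, so the time stamp is only one signal among the three. Comparing files against checksums from a clean WordPress release is a stronger test than a hand-kept allowlist.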