Ned Desmond shares the scary story of how a small site he managed that advertised fishing expeditions ended up with 565,192 scam pages. He also suggests five ways to avoid the same fate.
Cape Cod guide Eric Staplefield didn't even have e-commerce on the site. Most of it was pictures of fish that his guests had caught. Desmond brushed off the first few calls from Eric about the site. But when he took a look, Google clearly thought the site was compromised.
Next I got in touch with Jennifer Zelazny, the WordPress developer who set up the site and had worked on it from time to time. She agreed to dive in. What she found was nasty. Hackers had accessed the site either directly through WordPress or through a plug-in on the site. She found at least 20 suspicious WordPress core files. There were also non-core files on the site with file names like “list.php” and “apis.php,” which to an average user might not have raised any red flags. Their names looked typical, but the time stamps were all recent — since July 2016 — and upon further inspection revealed redirects to other sites. She deleted the files, reset passwords, updated the secret keys in the wp-config, cleaned up other valid files with malicious code and then ran scans with Exploit Scanner and Sucuri SiteCheck scanner to ensure she found every bit of malware.
• How hackers turned a Cape Cod fishing guide’s site into a host for e-commerce fraud (Ned Desmond / TechCrunch)
Image: Moyan Brenn
Aestetix sez, "2600 Magazine has hosted the biennial Hackers On Planet Earth conference since 1994. However, for 2020 the host hotel, the Hotel Pennsylvania, has tripled the fee charged to the conference. Rather than raising ticket prices and making the event inaccessible to all but the rich, HOPE is reaching out to the community to […]
You might be popular, but are you Chinese hacker following your every move, no matter where you go popular? No? It’s cool. Not many people are.
It hasn’t even been a full week since Riviera City, a town that fell victim to ransomware hackers, paid almost $600,000 in an attempt to regain control of vital city networks. Today, there’s news that the government of yet another Florida town, Lake City, has voted to pay $500,000 in bitcoin to hackers for the […]
On the one hand, nostalgia is “a corruption of the historical impulse,” according to William Gibson. On the other hand, “Super Mario Bros.” will never not be cool. Luckily, there’s a way to satisfy that retro gaming while still keeping an eye on the future: The GameShell Kit. This thing is simultaneously the last handheld […]
The field of data analytics can get intimidating, even for business professionals who constantly rely on it. But at its heart, its purpose is to simplify. To take mounds of information and distill their insights into a single clear picture. Currently, the go-to software for painting that picture is Tableau. And if you want to […]
If you’re in the market for a stable, durable camera fully suited for first-person video, there’s a good chance that you’re the adventurous type. So why settle on a familiar name like GoPro? The DJI Osmo Action 4K HDR Camera checks off all the same boxes on the action cam checklist as the GoPro 4K […]