Google PlusFacebook iconTwitter icon+44 113 260 4010 contact@branded3.com

Blogs »

Hacked

On Monday I spotted a strange issue with Blogstorm that was causing the blog to be displayed 4 inches down the page. I suspected it was a browser issue or some kind of hack but the source code was totally clean and it was displaying the same in multiple browsers which was strange.

After some investigation by one of our developers yesterday it turned out that the JavaScript file which powers the tab section on the right hand side of the blog had been hacked and an iframe inserted in the header. Luckily the iframe source was giving a 404 error otherwise my blog would probably have been flagged as a malware site and started redirecting all visitors to somewhere else.

We are still not sure how the hacker got into the blog but I am very careful to only use popular plugins and always update all plugins and WordPress as soon as new versions come out.

BY Patrick Altoft AT 8:55am ON Thursday, 12 November 2009

Patrick Altoft is Director of Search at Branded3 and has worked in the SEO industry for over 10 years. With experience across some of the worlds largest brands as well as startup businesses Patrick is well known in the industry and speaks regularly at the major SEO conferences and events. Follow Patrick on Twitter or Google+

Comments

  • Mark

    Hi Patrick – I still see the 4 inch gap…

    http://i38.tinypic.com/r8xtg9.jpg

  • Mark

    Oh, I did anyway…it’s gone now. Might have been a cached version I was looking at, or something like that.

  • http://www.tag44.com tag44

    Yeah, i am the regular visitor of this quality blog and really surprised to see that long header but thought that might be some coding problem. Any way its good that you recognize the thing as early as possible.

  • http://www.antezeta.com/blog/ Sean Carlos

    For those using WordPress, I compiled a guide on how to secure WordPress, avoiding a Google ban in the process.

    Most of the tips. like knowing your plugins and changing default admin usernames, are easily applicable to big boy CMS’ like Drupal and Joomla as well.

  • http://wwww.SEOforClients.com/edu/ Aji(SEOforClients.com)

    Check your FTP program, your computer, it is getting inserted from there. There can be various in your computer, which is taking the FTP password saved in your FTP client.

    So never have your FTP save a password, always go for “Ask for password”. Run your computer to malware and virus. Change your FTP password.

    Even after that if this problem is not solved, let me know.

    Thanks,
    Aji Issac aka AjiNIMC of WMW

  • http://www.fullyaudio.com.au/ Daniel Brady

    In firefox press ctrl-a then right click ‘View Selection Source’ to view the DOM Source (the source after all javascript has been executed), you would have seen the iframe source.

  • http://oh.gd/ Charles

    I agree with Aji. Check your PCs and any PCs you use for FTP. I had a nasty bit of malware, reformated my PC, everything was happy. Then a couple of weeks later, visited one of my own sites and it was Google Red Flagged.

    The malware had ripped the FTP details out of my client software and uploaded them somewhere, and then they’d been used to insert JavaScript into the header of my site. I figured it out by trawling through my FTP logs. After I changed my passwords they still tried for weeks to get in with the old password.

Feedburner Users

Tags

.Net AJAX Android apps Bing Branded3 C# CMS competwition conversion CSS development e-commerce email F# Facebook features Gmail Google HTML HTML5 IE9 interactive internet Internet World JavaScript Leeds Digital Festival Microsoft mobile web PHP rankings SEO smartphones social media Twitition Twitter URL user experience web design web usability Windows Windows 8 WordPress YouTube Zend Framework

© 2013 Branded3 Search Limited Company reg. no. 06479012, All rights reserved.
Part of

St Ives Group Logo