Last Wednesday, March 3, 2010, my site was hacked. At around 11am, I tried visiting my blog and main sites but they were down. I really don’t know what to do because as I’ve said, I’m not a techie guy. When I started blogging, simple browsing and Microsoft Word are the only things that I know. I don’t know about codes and I don’t really care.
What I know is plain search engine optimization, affiliate marketing and pure making money online techniques. I lack the technical know-how in software and hardware so I believe I am an easy target. I am very vulnerable in these kinds of attacks.
I have expected this to happen as my site climb fast in Alexa ranking in less than a year. I have been featured in Manuel Viloria’s site, (http://www.viloria.net/archives/pinoy-internet-marketing/) recognizing my capability in SEO and traffic generation through social media marketing. Some would think I’m a good target and easy as well – VERY EASY.
USAToday have featured an article explaining “How cybercriminals invade social networks, companies”. I am suspecting that the exploit was caused by clicking malicious applications from either Facebook or Twitter in which I am a heavy user due to the nature of my business. Another cause might be the hundreds of spam messages that I receive daily.
I am also considering the new WordPress plug-in (WPExitWindow) created by Bill Mcrea which I have installed in my blog last week to be the culprit. I may be wrong but this is what I feel. It might also be the FREE WordPress themes that I installed because I was testing for a clean and organized theme for my blog. Or my hosting was compromised? That I cannot say.
Honestly, I am really pissed off! Who wouldn’t?
This is sabotage! I have dedicated my time and energy building this site for almost a year and now I have a dilemma whether to keep this or to stay underground again. I have a vision of helping others succeed online but others are bringing me down. Is this crab mentality? I think so!
Thanks to some online friends who helped me figure out this exploit especially to Moses Villena, who shared this link: http://www.prelovac.com/vladimir/warning-website-virus-attack This gave me the idea about the problem.
I logged on through my FTP access (I’m using Filezilla by the way which is FREE) and searched for the index.php and index.html files and guess here’s what I found.
Virus Script on index.php files
These are malicious scripts so I tried to delete them manually. And my blog was up. I’m not really sure if I resolved the issue. It took me hours to clean the php files. (I messed around with the codes knowing that it could fuck up my entire blog if I deleted important scripts but who cares, I’m desperate).
My AVG still detects some exploits:
Making Money Online Philippines Blog Hacked
Please inform me if your anti-virus program detects any exploit when you visit this blog. If the problem still persists, I’m planning to take this down completely so I won’t infect other PC.
And if that is the case, I will definitely go back to the life of an underground online marketer which I lived from April 2007 up to April 2009.
We’ll I won’t share any money making secrets by then and I hope that the less than 1 year existence of Making Money Online Philippines blog has inspired people that you can definitely succeed as a blogger and internet marketer. One can definitely earn BIG TIME without leaving the comforts of your home!
You do not have to leave the country after graduation just to earn for a living. One needs to think outside the box and be creative. There are lots of opportunities online. Look around.
The internet is a sea of opportunity. You just need to invest on quality fishing nets to catch the big fish. I’m sure you will make money online.
Good luck!
Ronald Redito
PS: You can still follow me on Twitter where I share money making tips. @makemoneypinas
{ 8 comments… read them below or add one }
Avast detected something… A file called plugin-ChangeLog.pdf was downloaded to my “temp” folder.
It was tagged as a “JS:Pdfka-gen [Expl]”
What images (from other sites) are you loading here in your homepage? It’s possible that it’s one of those GIF files stored in an external site that is triggering the Avast.com warning.
Please try remove all those externally-referenced GIF files from your homepage, then we can test again. Thanks!
badoo.com – cgro isa pa yan sa pakalat ng cybercriminals nowadays,..para xang fb,..kaso di ko lam what this social network is up to..!
.-= moses´s last blog ..Illegal gamble witness vs First Gentleman killed =-.
Hello, I’ve been following your blogs for a couple of months now. Please don’t take it down because I really enjoy your content and my antivirus did not detect any virus on your site.
Thanks Bella!
Thank you Sir Manny. I’ll delete them ASAP. I’ll tell you when I’m done. Salamat po ulit.
How was your site brod? Kaya pala nagtatanong ka pano lumipat ng hosting. Nakalipat kana?
Eto, inaayos pa bro. Buti nakabalik pa. Kaya ingat ka sa mga plug-in na balak mo iinstall. Di pa ko nakakalipat ng hosting. Di ko kase alam pano maretain yung content ng blog ko pag lumipat hosting. Mababa kase bandwidth nitong current ko so I need to transfer.
Ronald,
Once you’re done with the cleanup, your very basic protection against hacking is to change your username and password. Use a combination of capital and lowercase letters, numbers and special characters.
I know you don’t know me, you only dropped my rarely updated blog once (jojoagot.com) but I think I can help you transfer to a new host and retain your blog contents. Your site is far too important to be boxed in to a limited web host.
E-mail mo nalang ako anytime you need help.
Jojo