Learning from web attacks

Nuke that website!

It all started with a colleague saying she got a strange notice when she visited our VisualsSpeak website. Then she called her web guy, who came and cleaned something off her computer. That’s how the summer started. I upgraded the software on the backend and did everything I knew how to do.

Have you noticed how vague this is? So now you know how it has felt.

While I was totally occupied with learning how to communicate over technology across cultures, Google sends me an email. Is it real? Or is it another phishing scheme? It sounded pretty dire:

We recently discovered that some of your pages can cause users to be
infected with malicious software. We have begun showing a warning page
to users who visit these pages by clicking a search result on Google.com.

and it goes on

If your site was compromised, it’s important to not only remove the
malicious (and usually hidden) content from your pages, but to also
identify and fix the vulnerability. We suggest contacting your hosting
provider if you are unsure of how to proceed

Hidden content on a WordPress site. Great. I know there is a database involved somewhere? So into the other side of the tech world. A place where they speak in tongues and letters. Since Google suggested contacting our host, we sent an email off to Bluehost. Their response?

The content of your site is your responsibility. We do not provide support for coding, development, or design. If your site has been hacked, you will need to consult a developer to resolve the issue.

Any hints? What kind of developer? Developer of what? We have no context. What do you type into Google to find such a person? What do you ask them for?

We are getting emails from our customers and collegues. Some people can get on the site, others are getting dire warnings about their computers being destroyed by our site. Not so good for PR.

Back to Bluehost. Do they know any developers? Yes, they refer us to edynamo.com Let’s just say they took our money and after 18 days have done nothing. Not happy.

Desperate acts come from not knowing what else to do.

Today we are just ripping down the whole site. Having Bluehost remove it completely from their servers.  It will take down all our email and everything else. And we’ll start over.  Then we’ll have to convince Google we have it taken care of so they remove the dire warnings from our site.

Biggest lessons?

• people who are not experts in what you do don’t know the language you speak
• search is great, but useless if you don’t know what to enter
• there are a lot of different kind of developers, I still can’t tell them apart
• there is a huge gulf between the tech side and the user side of technology
• being a fairly savvy user means nothing when there is another kind of problem
• never take a customers money if you can’t deliver (this one is a review  for edynamo.com – NOT recommended)
• we should try to meet people who understand how to fix viruses, malware, trojans, worms etc

How do customers talk about the problems they are trying to solve?

Never once during this period did I say I was concerned about a malware injection attack. If that is even what I should have been concerned about. And when I googled malware, I got sites on how to remove it from my computer not my website. I never figured out what would get the results I needed. I did get pages of what I think were code? With instructions that made no sense at all to me.

What did I say? At least the things that are fit for print:

• My site is a mess and I don’t know why.
• Malware, what do I do?
• What do I do with a broken blog?
• Help, I’m infecting my customers!

Important

If you have visited our VisualsSpeak website this summer and do not have up to date virus software installed on your computer, you should run some kind of checker/detector program. I’d like to be able to guide you to resources, but honestly I still don’t understand this whole thing. Perhaps someone who does will leave some resouces in the comments?