19th August 2008

Learning from web attacks

posted in Blogging |

Nuke that website!

It all started with a colleague saying she got a strange notice when she visited our VisualsSpeak website. Then she called her web guy, who came and cleaned something off her computer. That’s how the summer started. I upgraded the software on the backend and did everything I knew how to do.

Have you noticed how vague this is? So now you know how it has felt.

While I was totally occupied with learning how to communicate over technology across cultures, Google sends me an email. Is it real? Or is it another phishing scheme? It sounded pretty dire:

We recently discovered that some of your pages can cause users to be
infected with malicious software. We have begun showing a warning page
to users who visit these pages by clicking a search result on Google.com.

and it goes on

If your site was compromised, it’s important to not only remove the
malicious (and usually hidden) content from your pages, but to also
identify and fix the vulnerability. We suggest contacting your hosting
provider if you are unsure of how to proceed

Hidden content on a Wordpress site. Great. I know there is a database involved somewhere? So into the other side of the tech world. A place where they speak in tongues and letters. Since Google suggested contacting our host, we sent an email off to Bluehost. Their response?

The content of your site is your responsibility. We do not provide support for coding, development, or design. If your site has been hacked, you will need to consult a developer to resolve the issue.

Any hints? What kind of developer? Developer of what? We have no context. What do you type into Google to find such a person? What do you ask them for?

We are getting emails from our customers and collegues. Some people can get on the site, others are getting dire warnings about their computers being destroyed by our site. Not so good for PR.

Back to Bluehost. Do they know any developers? Yes, they refer us to edynamo.com Let’s just say they took our money and after 18 days have done nothing. Not happy.

Desperate acts come from not knowing what else to do.

Today we are just ripping down the whole site. Having Bluehost remove it completely from their servers.  It will take down all our email and everything else. And we’ll start over.  Then we’ll have to convince Google we have it taken care of so they remove the dire warnings from our site.

Biggest lessons?

  • people who are not experts in what you do don’t know the language you speak
  • search is great, but useless if you don’t know what to enter
  • there are a lot of different kind of developers, I still can’t tell them apart
  • there is a huge gulf between the tech side and the user side of technology
  • being a fairly savvy user means nothing when there is another kind of problem
  • never take a customers money if you can’t deliver (this one is a review  for edynamo.com - NOT recommended)
  • we should try to meet people who understand how to fix viruses, malware, trojans, worms etc

How do customers talk about the problems they are trying to solve?

Never once during this period did I say I was concerned about a malware injection attack. If that is even what I should have been concerned about. And when I googled malware, I got sites on how to remove it from my computer not my website. I never figured out what would get the results I needed. I did get pages of what I think were code? With instructions that made no sense at all to me.

What did I say? At least the things that are fit for print:

  • My site is a mess and I don’t know why.
  • Malware, what do I do?
  • What do I do with a broken blog?
  • Help, I’m infecting my customers!

Important

If you have visited our VisualsSpeak website this summer and do not have up to date virus software installed on your computer, you should run some kind of checker/detector program. I’d like to be able to guide you to resources, but honestly I still don’t understand this whole thing. Perhaps someone who does will leave some resouces in the comments?

This entry was posted on Tuesday, August 19th, 2008 at 10:32 am and is filed under Blogging. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

There are currently 6 responses to “Learning from web attacks”

Why not let us know what you think by adding your own comment! Your opinion is as valid as anyone elses, so come on... let us know what you think.

  1. 1 On August 19th, 2008, Harold Jarche said:

    Ooh, that warning on your site sure doesn’t make it very appealing. I would use your twitter network and find someone you trust to recommend a trusted advisor on these things. I use WordPress as well, but have it hosted locally by folks I know personally. My data are too important to mess with. I also know where the server is.

    These guys, on the West Coast, are good and reliable and might be able to help you:
    http://funnymonkey.com/
    Ask for Bill.

  2. 2 On August 19th, 2008, Sarah Stewart said:

    Gosh, what a mess. Good luck for the big sort-out!

  3. 3 On August 20th, 2008, Ken Allan said:

    kia ora Christine!

    I am shocked to learn of the trouble you’ve had with your site and the bother with sorting it out! I hope things straighten out for you Christine!

    I met up with a blogger who knows you well, Nancy White, who says, “Hi!” I spoke to her at lunch, after her stunning keynote at the DEANZ Conference in Wellington, NZ.

    I like the pic, by the way. It is so 20th century! But then, so am I :-)

    I will run a smorgasbord of Spybot, Norton and Symantec after this :-)

    What’s for dessert?

    Ka kite
    from Middle-earth

  4. 4 On August 20th, 2008, Betsy Hansel said:

    I’m so sorry to hear about your attack. It seems so senseless. Hope you can resolve it soon.
    Betsy

  5. 5 On August 20th, 2008, Betsy Hansel said:

    Just mentioned your problem to my next door neighbor. Have you checked with the domain that provides you with your URL name? He thought that someone might have put a redirect to point people to a totally different web site.
    For what it’s worth… Good luck!

  6. 6 On August 20th, 2008, Christine Martell said:

    Thanks all for the ideas and support. Really helped to know you were all out there while I was pretending to know what to do.

    We have been cleared by Google, and the nasty warning has been removed since we are no longer transmitting badware. We even got our money and an apology from edynamo. Things are looking up.

    Always update your blog software!

Leave a Reply

« Back to text comment