
And we’re back.


I got a call yesterday morning from my Dad who said that Internet Explorer had flagged ericaandmark.com as a dangerous site.

A quick check from my Mac revealed nothing, and neither did Chrome in Windows.

Then I checked in Internet Explorer and, yep, our site got hacked.

And then my Win XP machine got infected.

(I’m not sure what I was expecting, intentionally visiting an infected website, but I didn’t think getting a virus would be this easy.)

 

Enter Crisis Management Mode:

I backed up and then trashed the WordPress install. If the site was hacked I had no chance of rescuing it. There are too many moving parts and places to hide nasty things.

Then I spent a while trying to diagnose the Windows machine. It got hit with the System Fix virus, which was fixable, but System Fix also installed a rootkit, and it would be faster to wipe the machine and start over. Thankfully it’s used for testing purposes at work (which is why it’s stuck in the dark ages of WinXP) so there wasn’t anything valuable on it. I dug out the system install disks and began the process of installing WinXP.

And then upgrading WinXP.

Installing Security Update for Windows XP (update 48 of 111)…done!

Installing Security Update for Windows XP (update 49 of 111)…done!

Installing Security Update for Windows XP (update 50 of 111)…

In the middle of all of this I still had work to do. Two customers with problems that I had no idea how to fix. Thankfully neither of them had problems relating to Windows. After a late night of working I’m 1 for 2.

Today I installed the latest WordPress, locked it down as much as I could and reinstalled old posts and comments from backup. We’re stuck with this weird theme until I can get back in and tinker some more (Grey text? Seriously?).

 

Lessons:

What did we learn from all of this?

1. Back up everything, often.

Thankfully I had a very recent backup of ericaandmark.com. And thankfully I didn’t have anything of value on my Windows box.

External hard drives are cheap and Macs and Windows come with automated backup assistants. Back up your stuff now.

2. Stay Up to Date.

Running your own WordPress site takes diligence and perseverance, and I got lax. I hadn’t updated WordPress to the newest version, and there were a few plugins that needed to be updated.

I toyed around with the idea of moving the site to WordPress.com, which takes the system administrative duties away from you, but they don’t allow custom themes and I wouldn’t have access to WebType fonts. (Besides, I like having an online sandbox in which to play).

3. At some point, take a walk.

Crisis Mode makes it hard to think straight. Once you stop the bleeding, take a moment to figure out what you’re doing and what the next steps are. Otherwise you’ll spend a lot of time freaking out and not a lot of time actually getting things done. Also, Rooney likes walks.

 

And now… back to work.

One Comment

  1. Mark wrote:

    Also want to say that Ninite is awesome for installing all of the programs you need in one shot.

    Friday, January 6, 2012 at 9:52 pm | Permalink