headermask image

header image

My blog got hacked, probably at Blogworld Expo

Where better to steal blog passwords than over the open wifi at a blogger conference?

…OK, I don’t know for an absolute fact that’s where and how this blog got hacked, but it does seem extremely likely. So Blogworld Expo attendees, be forewarned — and check your blogs. Specifically, check the source code of your most recent posts — especially if you use Wordpress.

Yesterday I posted about how a reader let me know that a huge chunk of spam had shown up in a post I made from Blogworld Expo in Las Vegas. As I investigated this further with the help of readers (especially Mihai Parparita) and my colleague Justin Crawford, I learned that someone had gained access to my Wordpress installation (most likely by stealing my password) and inserted spam directly into my post. This problem appears to have started only very recently — while I was at Blogworld, on the conference wifi network.

Of course, this also could have occurred on the ethernet at my hotel in Vegas (the Marriott Suites on Convention Center Dr.) Or when I turned sharing on for my laptop to give a friend net access from my room (because they sell ethernet access per connected device, not per room — a total ripoff).

My hacker attempted to be a little sneaky about it. He/she used the CSS command “overflow: hidden” to keep the spam from appearing on my blog. But it did come through on my feed. Oddly, I couldn’t see the spam through my feed reader application Newsfire; nor did it appear in the built-in feed reader in Safari. But it was clearly visible in web-based feed readers like Bloglines and Google Reader.

I’m working to lock out this hacker and upgrade Wordpress. But I’m also investigating how to prevent this from recurring. I travel a lot and go to a lot of conferences, so I’m on open wifi and hotel connections a lot.

Got any suggestions for preventing blog hacks? Please comment below. I have to leave on another trip shortly and could use all the help and advice I can get. Thanks.

If you liked my post, feel free to subscribe to my rss feeds

Money Making Options

Post meta

This entry was written by Amy Gahran and posted on November 11, 2007 at 10:23 am and filed under Amy's Adventures, blogs, events, problems. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment(Latest is displayed first) or leave a trackback: Trackback URL.

Share with others

Post My blog got hacked, probably at Blogworld Expo to digg. Post My blog got hacked, probably at Blogworld Expo to Reddit add to stumbleupon Google Bookmark myweb bookmark on del.cio.us newsvine Tailrank magnolia Furl co.mments shadows simpy blinklist

6 Comments so far (Add 1 more)

  1. This illustrates a critical security flaw in the design of Wordpress and most CMSs (Content Management Systems). They do not provide secure https for logins, where passwords must be sent over the net, and administrative access. Only Plone , and maybe some of the Java based systems, seem to provide this capability, but only by tearing your hair out first. If Wordpress provided it transparently, you would have used it, and your password would not have been stolen.

    [Reply]

    2. Chip Neville on November 13th, 2007 at 7:51 pm

  2. TDavid, Mark — yes, I’m definitely looking into an EVDO connection. Thanks. But I still need a more secure solution in the meantime. It’ll be a few weeks before I can pull that into place.

    - Amy Gahran

    [Reply]

    4. Amy Gahran on November 12th, 2007 at 11:48 am

  3. Amy,

    Looking back now, I may have also been hacked. I was trying to post to my blog so I could show the audience in my presentation something, and suddenly I lost my blog’s template. I’ll let you know when I find out what happens. Perhaps at the next meetup. Good luck!

    [Reply]

    5. Jim Turner on November 12th, 2007 at 10:21 am

  4. Never, ever, transmit a plaintext password over unsecured WiFi. Heck, probably not a good idea to do it over WEP’d WiFi either.

    Solutions: HTTPS, VPN — or just forget about the WiFi and get an EVDO card. A few trips to Starbucks/hotels/conferences a month and it will pay for itself.

    [Reply]

    6. Mark Jaquith on November 12th, 2007 at 10:16 am

  5. Suggestion: get your own EVDO connection — don’t use conference WiFi which usually suck anyway.

    [Reply]

    7. TDavid on November 12th, 2007 at 10:11 am

  6. Amy,
    If it’s any help…it was also in my Feedblitz email feed.

    [Reply]

    9. Bill Henderson on November 11th, 2007 at 8:15 pm

4 Trackbacks

  1. By contentious.com - Bluehost’s Bad Attitude: Customer Service 101 on February 2, 2008 at 10:59 am

    [...] were generally going OK with hosting both sites on my Bluehost account, until last November, when Contentious got hacked — someone sniffed my password when I logged on over open wifi and inserted spam into my blog. [...]

  2. By contentious.com - This blog is still hacked, grrrrrrr….. on November 13, 2007 at 8:49 am

    [...] in advance to my readers, but it appears my hacker woes are not yet [...]

  3. By contentious.com - Twitter actually can be useful on November 12, 2007 at 9:55 am

    [...] the weekend, I found Twitter useful when I learned that my blog was hacked by a spammer. As I rushed to understand what happened and what I needed to do to fix the problem, I [...]

  4. By BlogWorld Wrapup, Michael Arrington No Show, & Getting Caught With My Pants Down In The Ladies Room - ShoeMoney® on November 11, 2007 at 4:38 pm

    [...] Amy Talks About how her blog got hacked while at Blogworld (HELLO OPEN WIFI = BAD) [...]

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*
« Back to text comment