This Blog Was Hacked

I’ve been having some problems these last few weeks with excessive bandwidth usage and had been unable to work out why the average bandwidth used per visitor had increased five fold!

Basically I’d hit my upper bandwidth limit twice in the last week (you may had noticed) despite not loading the site with much more material than normal. Further, the webserver statistics showed that 93% of the bandwidth was being used consumed just downloading raw html files, not images or videos or anything. I was flummoxed as to what the problem was.

Then this morning I saved the home page to my PC, to see if it really was as big a file as the stats seemed to be suggesting… sure enough it was: a 900kb .html file! Why was it so big? Checking the raw html source code I was shocked to discover literally thousands of hidden links out to other sites, for all sorts of nefarious links, I’m sure your imagination can work it out.

My blog had been hacked and had all these links inserted without anyone noticing. They were hidden with a style that stopped them being displayed by your browser, but they were still there.

It only took a few minutes to delete them all, but it’s taken me all morning to upgrade the wordpress version from 2.1 to 2.5.1 I hate upgrading, it’s a pain in the butt, not least of which because of incompatibilities between the new version and all the plug-ins I have installed. This is why I’d been sitting on such an old version for so long.

The irony of the situation is this though: if the hackers hadn’t been greedy and uploaded such a huge number of links (a pointless exercise from an SEO perspective to be honest) I would never had noticed. If they’d just restrained themselves to 2-3 links, or hell, even 50, I probably would never have suspected a thing. But 800kb of hidden links is hard to miss. Just to be clear, that’s about 2000 lines of extra links.

If you don’t understand why someone would do such a thing, it’s all to do with how the search engines rank pages in their results. Basically links to your sites are like votes, the more votes you get, the more important Google thinks your site is and the higher up it lists your website when people search for stuff. It’s rather more complicated than that, as I’m sure you realise, but that’s the essence of it.

{ 10 comments… add one }
  • Steve J 2 July 2008, 6:59 pm

    I really don’t get the psychology of hacking. The image of hackers for me is one of a nerdy virgin whose idea of exercise is lifting a 2l bottle of coke to their lips.

    Anyhow, thanks for the phone number, I phoned Mark and have booked a training session with him for the 21st (I’ve got a weeks leave then).

    To say “I can’t wait” is an understatement.

  • Colin McNulty 4 July 2008, 11:53 am

    Yes well something has gone wrong with the upgrade cos at the moment I’m locked out of my own blog, lol ! Everytime I login I just get a blank screen. Most frustrating.

    Oh the reason for the hack was to put on links to other sites in order to try to get them to rank better.

    Hope to see you down the gym sometime!

  • ingeloes 5 July 2008, 2:12 am

    hey

    any news yet? i have to go the 21st of july…

  • Colin McNulty 5 July 2008, 4:06 am

    ??? Any news on what?

  • welshtroll 7 July 2008, 6:08 am

    Ekk I don’t envy you Col it’s hard enough tracking the fact that something has happened.

    I now use the rss feeds of software that i use if anything new appears then It’s a whole evening of updating 6 sites i manage ^.^ but i still think it’s easier than trying to recover when something happens.

    Glad to see you have it all sorted now tho.

  • Colin McNulty 7 July 2008, 9:28 am

    Cheers WT, it took a while to sort out, happy I did it though.

Leave a Comment