Always wear protection
Last night MPP was hit by a virus, actually malware to be exact. The nasty little bug reared it’s ugly head in the early hours of the morning. Users trying to access the site were not able to gain access to the site and the malware appeared either redirecting users to other sites or infecting their computers. Depending on the version of your operating system and web browser the malware may have been squashed right away or not. If the malware made it through to your computer later on I’ll talk about how to remove it.
About 5AM this morning (CST) I did what I customarily do and leaned over to check my phone to see if I had any new emails. There was a message from one of my valued members saying that the site had “MAJOR problems”. I quickly jumped out of bed and ran to my computer to see what the issue was. Sure enough when I tried to access mypornprofile.com I was hit with the malware. I immediately called my host provider godaddy.com to see what the hell was going on. After waiting on the phone for about 12 minutes a technical rep came on the line. I told the guy what my problem was and he immediately seemed to know what the problem was….Wordpress. He put me on hold while he spoke with his Advanced Tech Desk to diagnose and resolve the problem. Less than 5 minutes later he came back on the line and told me that in fact my website was infected with low level malware. He also told me that the site was swept and all traces of the malware were removed.
I asked the guy why godaddy did not catch this problem themselves and he gave me some BS excuse that godaddy has over 45 millions sites and they can’t monitor them all. He said that in most cases end users catch the problems before godaddy even has a chance to. After hanging up the phone I did some research and found that WordPress related issues are a common problem. Since the software is free and used by millions of people the software is more prone to attacks. My biggest lesson learned here was to ALWAYS upgrade your version of WordPress IMMEDIATELY. I was running version 3.0 and did not upgrade to 3.0.1 yet because I didn’t know the effect it would have on the custom layout of my site. Needless to say the risk of a messed up layout far less important than the risk of having the security holes open. I immediately updated the blog to the latest version. In the future when there is a new version of WordPress available I will upgrade the second I see it.I did a little more research and found out that WordPress malware problems were effecting many godaddy users. You can find the article HERE. My suggestion is that all of you do the same since I know many of you are WordPress users.
Going back to the infection problem. If the malware got through to your computer you should immediately use your virus scanning software. If you don’t I would suggest you use the free one provided by Microsoft at Microsoft Security Essentials. I ran this tool and my computer was rid of the problem in a matter of minutes.
Again, I sincerely apologize for any problems this may have caused my loyal members and fans of the site. Over the next 5 days I will continue to contact godaddy and request that they sweep my site to see if there are any lingering problems. You would expect a world class company like godaddy would automatically detect these problems, fix them and notify you before anyone even knew it was occurring. I guess this isn’t the case. I pledge the following to you to ensure the possibility of this ever occurring again is almost zero 1) I will immediately update WordPress when new version are available 2) continue researching hosting companies that provide proactive malware/virus protection instead of reactive 3) notify everyone of any know issues and full disclosure of the issues like I’m doing here.
- Sam
Related posts:
Recent Comments