As many people noted, yesterday my site(s) suffered a pretty ugly malware attack. For Mac users this was pretty benign and transparent, but for PC users the site(s) had a weird pop-up thing that tried to redirect you to another site.
My sincere apologies to anyone who may have had problems.
I still have no clue how my sites were hacked or for what purpose. Since tens of thousands of other sites were hacked at the same time it seems as though someone just sought to disrupt and exploit the internet in general instead of specific sites. There is a hypothesis that the sites were infected at the server level, meaning they wouldn’t have attacked me personally, just any site on a shared server.
I maintain my WordPress sites in the recommended way. All of my WordPress sites are running the latest version, 2.9.2. All of my plug-ins are updated. All of my passwords are “strong.” In other words, I’ve done everything possible to prevent something like this from happening.
All that to say, I’m back to normal. (Or as normal as I get) And thanks for your patience.
If you want to read about the nasty bug my sites had, the solution, and the discussion, here are some links:
Thank you to the amazing WordPress community and especially David at Sucuri.net for writing some code to fix the problem.
Leave a Reply