Wednesday, February 17, 2016

I was Hacked!

I was hacked.

My website, was hacked sometime last week. I found out because Google AdWords emailed me and said my website "violates our advertising policies." I once got a coupon for $100 worth of free advertising on Google AdWords and so I set up an AdWords account and advertised until the $100 was gone. So I'm, luckily, still in the AdWords system, apparently.

So the first thing I did was go to my website and look at it. It looked fine. So now I was skeptical.

So the email contained a link for more information. According to the link, Google believed there was malware on my website and they wanted me to go to the Search Console and sign in and look at my site there. So I did. It didn't find anything.  This was Sunday morning.

But I went to Google and did a search on myself, which always brings up my website, and I saw this:

(I have a Norton plugin that supposed to check websites. As you can see, it gave my site the a-okay.)

Well, that wasn't good that it said "This site may be hacked." But I was a con, and didn't have the time nor the energy to look into it. I figured I'd have to call Google and find out what was going on.

Then Monday morning, at home from con, I checked the Search Console again out of curiosity. And it said I had malware on my site. Following the instructions in the Console, I "rendered" my site and it showed me what the Google bot saw and what people who go to my site would see. The later looked fine. But the Google bot saw nasty, awful stuff I won't relate here. Let's just say it was sexual.

My site had been hacked.

First thing I did was change the password to access my site.

Then I wondered what to do. I went to the interface where you can manipulate the files in my site (sort of a browser-based FTP). And I noticed three files that had been uploaded the last week. I didn't upload anything last week.

I spent a few minutes looking at the files on my computer and making sure those files weren't modified versions of those. They weren't. So I deleted them. (If they were modified, I would have uploaded the "clean" version from my computer backup of my website). I then "rendered" the website again and the Google bot saw what I saw. In other words, it appeared those three files I deleted were the problem and my site was now "clean."

Then I had to go back to the security issues page of the Search Console and request a review. They said it could take "several weeks" to take that hacked warning off my search results.

The same day I cleaned it up, I got an email from AdWords saying my site "complies with our Advertising Policies" as it is now clean. Then, despite the "several weeks" warning, the "hacked" label came off my website sometime later that evening and is gone now.

Lesson learned; my password probably wasn't strong enough.

No comments:

Post a Comment