So, I’m sure you’re all wondering what has happened to the Petoholics theme and where all the posts and pages disappeared to. The answer is pretty simple and yet surprisingly infuriating…spammers hacked my blog.
Thankfully they didn’t upload any viruses or anything. Instead they seemed content with filling every page with spam links for “that little blue pill” and god knows what else. They even hid it so the only way you could see it is looking at the source code. At first I thought they had only gotten to this blog. Then I realized that they had put their crap on every single PHP file in the wolfdragon.net domain. Anyone who has visited my old site knows that it had over 200 PHP pages.
How did they do it? Your guess is as good as mine. It could have been anything from backdoors in WordPress or its plugins, some old unsecure script located on one of those 200+ pages that I haven’t touched for years, or even my webhost being comprimised. After a bit of searching, I discovered that other people have had similar problems particularly with hacked WordPress themes. So far I have yet to see one that knows how it was done in the first place. Instead they talk about how to deal with the impact.
Why did they do it? Google “wow name generator”. My PANDA generator is second from the top. I was getting 700-800 hits a day from that position. The spammers decided they wanted to piggyback off my hard work and they somehow found a way to do it. They just wanted to get their stupid spam out there, regardless of who they hurt in the process.
What happens now? I tried at first to just delete their code from my blog, not realizing at the time that they had gotten to all those other pages. I got rid of some out of date plugins, changed my password, basically tried every security trick I could find. I hoped I had succeeded. The next day it was back again and that’s when I discovered it wasn’t just Petoholics Anonymous that had been affected. I figured the best thing to do would be to start anew, wiping the slate clean of their s**t. So I downloaded every file to my computer, backed up every database, and then deleted everything from my server. As for Petoholics, I will work on getting every blog post and page up here again, hopefully all the comments too. I don’t know how long it will take because I want to go over every inch with a fine toothed comb. The last thing I want is a repeat of this nightmare.
The side of me you’re all seeing right now is the practical side, the part that’s dealing with the problem at hand. What you aren’t seeing is the very angry, “I’m going to hunt down and hurt these spammer” side. My guildmates talk about how they know I’m mad when I start swearing. Imagine me using the vilest curses I know in every second breath. The part that hurts the most surprisingly? They defiled the part of my old site that showcases Blacky, my dear black lab that passed away two year ago. And I know they don’t give a rat’s a** about it. That…that demands retribution that I can’t give because the spammers are spineless cowards. All I can do clean up the mess and make things right again.
So if you’re a blogger (which I know a lot of you are), take my situation and learn from it. Be diligent about your blog, check your security on a regular basis and keep things up to date. Please don’t let this happen to you.