HomeAbout Patrick AltoftSearch Engine Optimisation consultingSEO from Branded3 Search LtdContact Me

Site got hacked

By Patrick Altoft on February 18th, 2008

Site got hacked

One of my personal sites was hacked last week and thanks to a tip off I am in the process of fixing it. The hacker somehow edited a static footer.php file (the site doesn’t run any kind or blog or Wordpress software so I assume he got in via ftp) and inserted a 1 pixel gif image linking to dailymobiles.com.

Google has clearly been tipped off and the site is deindexed but 1.6 million people are linking to it.

This sort of thing is going to become more and more widespread in 2008.

Categories: Blogstorm

Bookmark: delicious | digg | reddit | StumbleUpon | Google Bookmarks | Sphinn

Read some similar posts
How to use Google Alerts to find out if your site gets hacked
What is the most SEO friendly shopping cart?
StumbleUpon sending fake traffic to fake pages
Getting banned for not selling links TechCrunch looks stupid
WhyFirefoxIsBlocked.com wins linkbaiter of the month

7 Reader Comments leave yours >>

If you have the ability to spread so much links, why on earth do you want to spam sitewide links everywhere? I mean, how hard is it to change the number of links.

Instead of sitewide links in the footer, I rather have 1 link from a popular post on the site :)

Lenen   February 19, 2008 1:47 am | Reply

 

LOL. 1.6m backlinks.

That was sure to go unnoticed! *rolls eyes*

If he’d kept it under the radar then he might have got away with it. Maybe, 10,000 backlinks at the most…

Charles   February 19, 2008 3:09 am | Reply

 

I found one of these links in my footer.php file a few weeks ago too! What are you doing to protect against anything like that in the future?

I only found it once my rankings dropped and then I realised I was also the victim of a much worse hack where they added about 100 hidden dodgy links at the bottom of the page!

Fraser Edwards   February 20, 2008 2:36 am | Reply

To be honest I have just changed the ftp password, I can’t see that they got in anywhere else.

If the site used a CMS or something then I would look for holes but in this case they just edited a static file so I assume they got my password somehow.

Patrick Altoft   February 20, 2008 2:53 am |

Reply
 
 

Yeah that’s what my host told me to do but then how did they manage to get enough FTP passwords to get all those links! My password wasn’t anything that would have been found by a dictionary search etc

Fraser Edwards   February 20, 2008 3:02 am | Reply

Mine wasn’t guessable either, it was a random word & number. Beats me, just glad I don’t code sites for big companies. :)

Patrick Altoft   February 20, 2008 3:36 am |

Reply
 
 

No matter how careful a developer is, there are always security holes. As they say, where there’s a will, there’s a way. It is sad, but true.

Jeremy Steele   February 21, 2008 8:40 am | Reply

 

Read our comment policy
We moderate first time commenters

Name (required)
E-mail (required - never shown publicly)
Your website
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

Trackback URI

Design by Patrick, theme by Justin Tadlock & code by Wordpress