
Some people eat, sleep and chew gum, I do genealogy and write...

Tuesday, March 26, 2013

Exactly how my blog was hacked or hijacked

It might be helpful to others to explain exactly what happened and how my blog was hacked or hijacked. The symptom of the hack or hijack was that when users, even me, accessed the blog, the page was involuntarily re-routed to another commercial and sometimes objectionable page. First of all, this is illegal activity and very destructive to the operation of the Internet. It took me some time to identify the source of the hijack and eliminate the problem. Meanwhile, I got several complaints and was extremely upset by the resulting issues.

What happens is that a hijacker gets access to a widget or gadget from an otherwise legitimate commercial enterprise and adds a small amount of computer code that reroutes the page upon which the widget or gadget is displayed. In some cases, the code might be embedded in the HTML for the target site's startup page. In effect, the code could be hiding anywhere, making it very difficult to spot.

I had started auditing all the HTML code on my page, but did not have time during RootsTech to get into it like I needed to, and so I called on my son-in-law, an Internet programmer, for help. He was involved in a huge project of his own, but kindly spent the time to look at all the code on my blog site and analyze where the change had been made. He used some programming tools that show all of the Internet connections made by the site going both ways, to and from the Internet. He could see that something was constantly loading websites, and by using some of the snippets of code and doing a "Find" command, he was able to identify where in the site the code had been embedded.

It turned out that two gadgets had been hijacked. We had to remove several gadgets before we found the ones that had the bad code, but once they were removed, the site went back to normal. I reworked my entire site and cut out a bunch of gadgets that weren't necessary.

The bad thing about this all is that the bad gadgets or widgets are still out there waiting for someone to download them.

I am sorry if anyone was offended or inconvenienced because of the problem, but I am glad that I have a talented family that can help me when I need it.  As a final note, don't expect any help from Google Blogger.
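The audit described in the post (list what each gadget loads from other sites, then search its code for whatever reroutes the page) can be scripted. This is an added example, not code from the original post; it assumes gadgets are rendered as `<div class="widget ..." id="...">` blocks, and the hosts and sample HTML are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Script constructs that send the visitor to another page (assignment, not reads).
REDIRECT_RE = re.compile(r"(?:window|top|document|self)\.location(?:\.href)?\s*=(?!=)"
                         r"|location\.(?:replace|assign)\s*\(")

class GadgetAudit(HTMLParser):
    """Per gadget: third-party hosts loaded and redirect code found."""
    def __init__(self, own_hosts):
        super().__init__()
        self.own_hosts = set(own_hosts)
        self.divs = []        # one entry per open <div>: gadget id or None
        self.in_script = False
        self.findings = []    # (gadget id, kind, detail)
    def note(self, kind, detail):
        gadget = next((g for g in reversed(self.divs) if g), "(page template)")
        self.findings.append((gadget, kind, detail))
    def handle_starttag(self, tag, attrs):
        a = {k: v or "" for k, v in attrs}
        if tag == "div":      # assumption: a gadget is <div class="widget ..." id=...>
            is_gadget = "widget" in a.get("class", "").split()
            self.divs.append(a.get("id", "?") if is_gadget else None)
        self.in_script = self.in_script or tag == "script"
        if tag in ("script", "iframe", "img", "embed") and a.get("src"):
            host = urlparse(a["src"]).hostname   # also handles //host/path
            if host and host not in self.own_hosts:
                self.note("external-" + tag, host)
        if tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.note("redirect", "meta refresh: " + a.get("content", ""))
    def handle_endtag(self, tag):
        if tag == "div" and self.divs:
            self.divs.pop()
        self.in_script = self.in_script and tag != "script"
    def handle_data(self, data):
        if self.in_script:    # only inspect text that will run as script
            for m in REDIRECT_RE.finditer(data):
                self.note("redirect", m.group(0))

def audit(html, own_hosts):
    parser = GadgetAudit(own_hosts)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample: one gadget pulls a remote script and reroutes the page.
SAMPLE = ("<div class='widget HTML' id='HTML1'><script src='//ads.example.net/w.js'></script>"
          "<script>top.location.href = 'http://shop.example.org/';</script></div>"
          "<div class='widget Text' id='Text1'><div><img src='/logo.png'></div></div>")
```

A clean result only covers code present in the page source; a remote script that a gadget loads can still change, which is why the external hosts are listed alongside the redirect matches.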

3 comments:

  1. What were the 2 gadgets that were infected?

  2. They were links to Amazon that are no longer on my site.

  3. I didn't experience any re-directs in my visits here this past week. However, the trimmed down pages load much faster, and I haven't had to abort loading like I used to.
