Warning:
Adult Language Ahead!
So…the Refreshingly Fifty blog site got hacked by hacking hackers.
Yep, this little blog site got hacked.
How? And…Why?
That answer is a long one.
Here’s the short version:
Hackers for piece-of-shit sites are paid REALLY FUCKING WELL to hack into legit sites and then use those legit sites to “piggy back” unsuspecting users, by diverting them to the piece-of-shit sites.
Wait.
What?
Let me break it down a little bit more.
Let’s say, you (the user), are minding your own damn business, going about your day, surfing the net for whatever reason, and you click on something that catches your eye.
Or you go to favorite blog site, like, say, Refreshingly Fifty, to check for new posts.
When you click on the link, you go to some shady, seedy, piece-of-shit site that you KNOW you didn’t intentionally click on, but now you can’t seem to get OFF of the site, no matter what you do.
Hackers are paid by the “click”.
When shady, seedy, piece-of-shit sites aren’t getting enough traffic, they employ hacking hackers to divert traffic to their sites.
And since Google and Bing and other search engines are onto the shady, seedy, piece-of-shit sites, the hacking hackers hack into legit sites and use the URL for those sites to divert traffic to the piece-of-shit sites.
Essentially, they’re using the good name of the legit sites as a cover for the piece-of-shit sites.
So you innocently click, and you end up on a site you would never actually click on.
Like, piece-of-shit, scum-of-the-fucking-Earth, really ugly sites.
Boom.
That’s how and why a legit site gets hacked.
The hacking hacker bitches are paid by the “click.”
In the meantime, the good name of the legit site is getting flagged as now being a shady, seedy, piece-of-shit site.
The hacking hackers interlink the two sites — legit site to piece-to-shit site — without the owner of the legit site even knowing.
My site was shut down.
Everywhere.
If you can even access your site…
On the morning of April 5th, I logged onto Refreshingly Fifty, like I always do, to write my post for the day and check the traffic analytics for the previous day.
Correction.
I attempted to log onto my blog site.
Locked out. My username and password had been changed.
The hosting platform told me that my information had been changed about six hours before I contacted them.
What in the ever loving…?
Filing an immediate complaint, the hosting platform’s protocol was to shut down my site, until they could figure out what had happened and who had control of my site.
The phone call and follow-up email that I received, about an hour later, was disturbing to say the least.
First, they informed me that this sort of thing happens all of the time — hackers hack into legit sites with minimal to moderate traffic, but an increasing audience.
Refreshingly Fifty had about 10K visitors in March, and it was growing steadily.
Unbeknownst to me, this puts a target on legit, up-and-coming sites.
I had no clue how and why a legit site gets hacked…
The hackers hack into the site, wormhole it, and then direct random users to the most disgusting sites imaginable.
If you know me, you know that I’m no prude.
So trust me, when I say these sites are stuff of nightmares.
It was fucking disgusting.
Honestly, I didn’t even know that some of this stuff was out there, until I was sent the links that were embedded throughout the wormhole.
Second, the hosting platform informed me that I had to wait 72 hours while they investigated the code embedded within my site (CSS, javascript, etc.,) to ensure that I was not making a false claim.
(As in, they had to ensure that I wasn’t a hacker trying to get access to the already-hacked site.)
The hosting platform could very clearly see when the hacking took place.
It was easy to see the last time I logged in and out.
None of it made any sense to me, at first.
I mean, I don’t sell anything, so there was nothing to steal.
Now, I know that a site’s credibility is extremely valuable.
I discovered a couple of things:
- The hacking hackers were — they think — in the Philippines.
- Some hackers aren’t as good as others. Scrubbing their kindergarten-level code was easy.
- My site, which I thought was secure, was not secure and vulnerable to this happening again.
I hired a company to clean my site professionally and upgrade the security that protects Refreshingly Fifty and its users.
Done and done.
That took about a week.
I’ve also had to “get right” with the search engines of the Universe, proving that Refreshingly Fifty is a legit, SECURE-AS-FUCK (now) site.
All-in-all, it took 10 days to get it all straightened out.
Google lifted their ban.
You know what?
It would have been easy to say, “Fuck this cyber-hacking-bullshit-of-a-nightmare,” and walk away.
If you’ve ever met me, you know that I rarely do things the easy way.
Not to mention, I have a lot of time and energy invested in this little blog, and I’m not about to walk away now.
That’s how and why a legit site gets hacked.
And that’s what happened to Refreshingly Fifty for the past 11 days.
Facebook still won’t let me boost my posts.
Because, well, Facebook is the epitome of censorship and ridiculousness.
But I’ll save that rant for another post. (wink, wink)
I still think it’s highly suspect, though; The timing between the two events happening.
I’m not going to be so flippant as to say that this site is now more secure than Fort Knox.
Why invite more bullshit?
Right?
I want you, the people who read what I post on Refreshingly Fifty, to know that every effort to prevent this from happening again is being made.
You are on a secure site, when you are reading this blog.
That said, I am going to be making some changes to Refreshingly Fifty; Its layout, content, etc., and I may miss posting a daily post here and there.
Of course, I’ll let you know if and when that will happen by posting this picture:
If ever there was a “good” time to do that, it’s now…right as I begin building the site up from scratch (again).
Oh, and for the record:
Fuck all of you fucking hacking hackers!
More tomorrow,
-A
1 comment