Mar 2009

WTF happened to my portfolio site?

Posted by: Rin
filed under: Web &Work
Tags: rantings, Web

I really hate it when it happens to me. Come to think of it, no cialis online pharmacy one likes their website being hacked into and losing all their data. A potential client messaged me this afternoon saying that he cannot view my portfolio site. Astounded, I went over to my website to take a look. It came as a shock to me. The entire website (with WordPress as the CMS) is changed.

Littlevault/Rin-Wendy
My old website…

is hacked into…

Littlevault Hacked

Immediately I went into the WordPress admin and found that I could not log in at all. After accessing the mysql tables I found this

The hacker himself has left something which I can identify him by (vicyland[at]gmail.com). His website and profile are as cytotec kamagra supplier dosage below:

Hacker <a href= Order Generic Levitra Super Active+ Online without Prescription page 1″/>

i need to buy propecia ref=”shadowbox”> Hacker page 2

Hacker profile

From China, Hebei Province, 20 years old Male, studying buy antibiotics online in Hebei Medical University. What you have to say about breaking into other people’s intellectual property?

30 comments to date:

xD, your website is so interesting that attract Chinese Hacker’s attention. Suggest you back up your data at certain time, and enhance security of your site. I’m developer in Shanghai.

Tod
March 26th, 2009, 1:23 am
å®‰æ…°ä¸€ä¸‹ä¸¤ä½å¥½äººï¼Œå¸Œæœ›ä»¥åŽåŠ å¼ºé˜²èŒƒ
å¦å¤–é„™è§†ä¸€ä¸‹è¿™ä¸ªhacker

tinyfox
March 26th, 2009, 10:41 am
I wonder why he did it at all… you seemed to gain back control immediately. What did you do to the guy? Did you report him or anything?

Really. Please tell. =/ You just got us visitors more curious…

mary
March 27th, 2009, 11:50 pm
æˆ‘äº†è§£ä¸»äººæ‡‚æ±‰è¯,ä¹Ÿå°±ä¸ç”¨è‹±è¯äº†==
æˆ‘æœ‰å¿…è¦æ¾„æ¸…ä¸€ä¸‹:
1,æˆ‘æ—¢æ²¡æœ‰hack, æ›´æ²¡æœ‰å˜å¿ƒæ”»å‡»ä¸”åˆ é™¤æ•°æ®, æ®æˆ‘ä¸ªäººä¼°è®¡æ˜¯æ‚¨çš„æœåŠ¡å™¨å‡ºçŽ°é—®é¢˜;
2,æˆ‘ä¹‹æ‰€ä»¥è®¿é—®åˆ°é‚£ç«™ç‚¹, ä¹Ÿæ˜¯ä»Žè¿™ä¸ªç«™ç‚¹é“¾è¿‡åŽ»çš„, å´å‘çŽ°å‡ºçŽ°WPå®‰è£…, ä¸€åº¦ä»¥ä¸ºæ˜¯æä¾›WPæœåŠ¡==
3,æˆ‘åå¦‚ä¸Šæ¾„æ¸…,å¸Œæœ›æ‚¨åˆ é™¤æ¶‰åŠçš„ç›¸å…³ä¸ªäººéšç§.å¯¹äºŽæ‰€é€ æˆçš„åŽæžœæˆ‘åªèƒ½è¡¨ç¤ºæ‰æ„.
4,å¯¹äºŽæ‚¨åœ¨æ¤äº‹è‰çŽ‡åˆ¤æ–æˆ‘hackæ‚¨çš„ç«™ç‚¹è¡¨ç¤ºé—æ†¾.

Dulce
March 28th, 2009, 2:35 pm
@Tod, tinyfox:
Thanks I’ll take your advice to heart.

@Mary:
Nope currently I did not do anything except writing on this blog.

@Dulce:
Since you know English, it will be much easier for me to communicate without typing in Chinese.
1) There are many WordPress installations out there. And yet only mine has this problem? Rin-wendy.com is also using the same webhost and same webspace as with littlevault.com, but only littlevault.com has this problem?

2) What you did, intentionally or not, is defacing another party’s website. You might think “Oh it is a server problem, I was there at the wrong time and it happened.” Truth is, no matter what intentions you have, the site is still defaced by you.
It is like playing ball games at a neighbourhood field, you throw the ball a bit too far and break a neighbour’s window, do you still try to cover up the incident to say things like “oh it is the wind, the fengshui, the shape of the ball”?

3)Both parties, me and you suffer loses. For me, my data and some potential clients and for you, negative reputation over a small sphere in the worldwide web. Cause and effect my friend, whether we like it or not.

4)I do not view my handling of this matter as too rushed without putting much thoughts into it. Come to think of it, why didn’t you email me when such a major thing happened? Keeping mum about it only increases the doubt in the credibility of your innocence. If you deface some other major websites by accident, I am sure that you will be prepared to see a lawyer’s letter, not just a rant post on a personal blog.

Rin
March 28th, 2009, 3:57 pm
1ã€æˆ‘ä¹‹å‰ä»Žæ¥æ²¡é‡åˆ°è¿™ç§çŠ¶å†µï¼Œæ‰€ä»¥åœ¨é‚£ç§æƒ…å†µä¸‹ï¼Œè°çŸ¥é“è¿™åˆ°åº•å‘ç”Ÿä»€ä¹ˆäº†ï¼Œè€Œä¹‹åŽå®Œæˆå®‰è£…ä¹‹åŽæˆ‘æ‰æ„è¯†åˆ°è¿™åˆ°åº•å‘ç”Ÿä»€ä¹ˆäº†ã€‚äº‹åŽæˆ‘å’Œä¸€ä½æœ‹å‹è¯´èµ·ï¼Œä»–ä¹Ÿæåˆ°å‘ç”Ÿè¿‡æœ‰æ¤é—®é¢˜ä¹Ÿå‡ºçŽ°è¿‡ï¼ˆæ‚¨ä¹Ÿå¯ä»¥è¯¢é—®æ‚¨çš„æœ‹å‹æ˜¯å¦ä¹Ÿæœ‰è¿‡å¦‚æ¤ç»åŽ†ï¼‰ã€‚è‡³äºŽä¸ºä»€ä¹ˆè¿™ä¸ªé¡µé¢æ²¡æœ‰å‡ºçŽ°é—®é¢˜ï¼Œæˆ‘æƒ³å¯èƒ½çš„å› ç´ ä¼šéžå¸¸å¤šã€‚
2ã€å¯¹ï¼Œæ‰¿è®¤æˆ‘çš„è¿‡é”™ï¼Œä½†æˆ‘çš„è¿‡é”™å’Œæ‚¨æ•°æ®ä¸¢å¤±æ²¡æœ‰å…³ç³»ã€‚æˆ‘å¸Œæœ›æ‚¨ä¹‹å‰åšè¿‡æ•°æ®å¤‡ä»½ã€‚
3ã€æˆ‘é”™è¯¯çš„æ‰§è¡Œäº†WPçš„å®‰è£…ï¼Œå‡ºäºŽæˆ‘çš„æ— çŸ¥ã€‚ä½†æˆ‘ä¸èƒ½ä¸ºæ‚¨æ•°æ®ä¸¢å¤±åŸ‹å•ã€‚æ¢å…¶ä»–äººï¼Œä¹Ÿè®¸ä¹Ÿæœ‰åƒæˆ‘è¿™æ ·å¹¶ä¸æ¸…æ¥šå½“æ—¶åˆ°åº•å‘ç”Ÿä»€ä¹ˆäº†ï¼ŒèŽ«éžä¹Ÿè¦èƒŒé»‘é”…ï¼Ÿ
4ã€æˆ‘å¸Œæœ›æ‚¨å¯ä»¥å†·é™çš„è€ƒè™‘æ•´ä¸ªé—®é¢˜ï¼Œè‰çŽ‡çš„æŠŠä¸€åˆ‡é”™è¯¯å½’ç»“äºŽæˆ‘ï¼Œå¹¶ä¸”æŠŠæŸäº›ä¸ªäººéšç§å…¬å¸ƒäºŽä¼—ï¼Œæ˜¯å¦æœ‰æ‰€è°“â€œä»¥æš´åˆ¶æš´â€çš„å«Œç–‘ã€‚æˆ‘æ²¡æœ‰åœ¨ç¬¬ä¸€æ—¶é—´è”ç³»ä½ ï¼Œç¡®å®žæ˜¯æˆ‘çš„é”™è¯¯ï¼Œä½†æ‚¨å°±ä¸èƒ½äº‹å…ˆè´¨é—®æˆ‘ï¼ˆæˆ‘æƒ³å¾ˆå°‘æœ‰äººè¿™ä¹ˆè¯šå®žçš„äº¤å‡ºmailåœ°å€ï¼‰ã€‚
5ã€æˆ‘å†æ¬¡æœŸæœ›æ‚¨æ£ç¡®çš„çœ‹å¾…è¿™ä¸ªäº‹ä»¶ã€‚æˆ‘ç¡®ä¿¡æˆ‘åœ¨è¿™ä¸ªé—®é¢˜ä¸Šä¸å˜åœ¨é‡å¤§è¿‡é”™ã€‚

Dulce
March 28th, 2009, 4:34 pm
Is there anything we can do to people who hack into other people’s site? If the guy is in China, I can think of any available course of action that you can take.

Adrian Lee
March 30th, 2009, 12:06 pm
å¤©å“ªï¼Œå¤ªä¸å¯æ€è®®äº†ã€‚èµ¶ç´§å‘Šè¯‰wordpressæŠ€æœ¯äººå‘˜ã€‚éš¾é“åšå®¢ç³»ç»Ÿå˜åœ¨ä¸¥é‡bugï¼Ÿ

fabin
March 31st, 2009, 4:55 pm
@adrian lee
from Rin’s latest comment, it appears that Dulce is the person who ‘accidentally’ hacked the portfolio site.

I think Dulce is claiming something about both of them being victims of a bad host or wordpress installation or something.

But don’t quote me on that. I don’t understand Chinese. =/ Just picking up context clues… *points at Rin’s comment*

It seems that that is the reason Rin wouldn’t pursue the issue. =) Because the other party claimed innocence. he’s just ranting his frustrations on this blog post.

mary
April 1st, 2009, 12:14 am
Infact I’m a Chinese too, I don’t konw what’s the problem with rin’s blog but I hope everything will be OK.

whatACoolDesign
April 2nd, 2009, 10:14 pm
So Rin this is a web hosting issue you had with your and this other guys database conflicting with each other? Or was this some exploit in WordPress itself?

Tollboy
April 7th, 2009, 2:56 am
What is it with China and hacking American sites?!!

I work for a web development firm and a hospital site, which is impossible to find unless you live in the area and know the name, was hacked and the DB was corrupted.

Insane. Sorry to hear about your problems.

Web Developer
May 3rd, 2009, 12:19 am
My English is very poor!…
So…

æˆ‘ä»ŽCss vaulté“¾æŽ¥åˆ°ä½ è¿™é‡Œ!å› ä¸ºå¾ˆå–œæ¬¢rin-wendyè¿™ä¸ªé£Žæ ¼!
æ²¡æƒ³åˆ°ä½ çš„åšå®¢è¢«æ”»å‡»äº†,è€Œä¸”æ˜¯ä¸å›½äººæ‰€ä¸º
(å½“ç„¶çœ‹åˆ°è¯„è®ºä¹Ÿä¸çŸ¥é“æ˜¯å¦çœŸæœ‰æ¤äº‹),
æˆ‘çœŸçš„å¾ˆæŠ±æ‰,ä¹Ÿåªèƒ½è¯´æŠ±æ‰,å¸Œæœ›æ‚¨çš„æ•°æ®ç•™æœ‰å¤‡ä»½
ä¹Ÿå¸Œæœ›è¿™ä»¶äº‹èƒ½æœ‰ä¸ªæ¸…æ™°çš„ç»“æžœ.

æŠ±æ‰,è°¢è°¢!

è€¿åŸ¹
May 3rd, 2009, 12:40 pm
æ ¹æ®Dulceè¯´çš„ï¼Œä¼¼ä¹Žæ˜¯å› ä¸ºwpçš„configæ–‡ä»¶ä¸å˜åœ¨ï¼Œæ‰€ä»¥æ‰è¢«å¼•å¯¼åˆ°äº†åˆ›å»ºwpconfigæ–‡ä»¶é¡µä¸Šäº†
æˆ‘ç›¸ä¿¡è¿™ä½Dulceæ˜¯æ— å¿ƒä¹‹è¿‡ï¼Œæ¯•ç«Ÿæ²¡æœ‰å“ªä½hackeråœ¨æ¶æ„æ”»å‡»åŽè¿˜ä¼šç•™ä¸‹emailå˜›ï¼Œå»ºè®®è¯¢é—®ç©ºé—´æä¾›å•†ï¼Œæ˜¯ä¸æ˜¯æ•°æ®åº“å‡ºäº†é—®é¢˜
å¦å¤–ï¼Œå¦‚æžœæ˜¯hackerçš„è¯ï¼Œæ€Žä¹ˆå¯èƒ½è·³å‡ºæ¥æ¥æ¾„æ¸…è¿™ç§äº‹æƒ…å‘¢ï¼Ÿå‘µå‘µ

Ravanello
May 6th, 2009, 1:06 am
Iâ€™m sorry to hear it. Good Lucky Forever..:)

Richard
May 9th, 2009, 10:11 pm
æ²¡å‡†æ˜¯ä¸ªè¯¯ä¼šï¼Œä¸è¿‡ï¼Œä¸å›½çš„å“¥ä»¬ä»¬çœ‹æ¥å¾ˆå–œæ¬¢ä½ ä»¬çš„å¤«å¦»åšå®¢ï¼Œå‘µå‘µ
æˆ‘ä¸Šæ¬¡ç»™ä½ çš„è€å©†ä¸¤æ¡ç•™è¨€èŽ«åå…¶å¦™è¢«åˆ æŽ‰äº†ï¼Œä½†æ˜¯ï¼Œæˆ‘æ²¡æœ‰è¯´ä»€ä¹ˆå¤±ç¤¼çš„è¯ï¼Œè¿™æœ‰ç‚¹åŒªå¤·æ‰€æ€ã€‚
æˆ‘ä¹Ÿæƒ³åšä¸€ä¸ªå’Œä½ ä»¬å·®ä¸å¤šçš„åšå®¢ï¼Œä½†æ˜¯é™äºŽæŠ€æœ¯æœ‰é™ï¼ŒçŽ°åœ¨è¿˜æ²¡æœ‰åŠžæ³•å®Œæˆã€‚
è°è¦æ˜¯èƒ½æœ‰æºä»£ç æä¾›å°±å¥½äº†ã€‚
æ²¡æƒ³åˆ°ä½ ä»¬è¿˜æ‡‚æ±‰è¯ï¼Œå¾ˆä¸é”™ã€‚

Alex.Lee
May 20th, 2009, 12:14 pm
Hello Rin,

I’m sorry to hear such a hack. I don’t speak in Chinese but a quick translation of Dulce’s first comment says:

2. I did visit the site there are also links from this site over the past, but found WP installation, once WP is to provide services that.

If I trust what Dulce said, this a rare problem in WordPress, someday your database will get a problem and WP will throw the installation file in front of you.

See this link: http://perishablepress.com/press/2009/05/05/important-security-fix-for-wordpress/

I think adding .htaccess password to the wp-admin folder will solve the problem, so no one will have the ability to re-install your server!

J Mehmett
May 21st, 2009, 9:58 pm
I’m not good at english.
Infact Iâ€™m a Chinese too,I hope everything will be OK.

Distant Memory
June 20th, 2009, 8:12 pm
è¿™é‡Œå¥½å†·ã€‚ã€‚=.=ã€‚ã€‚
ç©ºé—´å•†æ˜¯å“ªå®¶ã€‚ã€‚ã€‚é€Ÿåº¦ä¸é”™ã€‚ã€‚ã€‚
æƒ…ä¾£åšå®¢åšå¾—å¾ˆæˆåŠŸï¼Œç»§ç»åŠªåŠ›ã€‚ã€‚ã€‚
å„ä½ç»§ç»ã€‚ã€‚ã€‚
å…»æˆç»å¸¸å¤‡ä»½å¥½ä¹ æƒ¯ã€‚ã€‚ã€‚

yangpizhi
June 20th, 2009, 11:17 pm
I think you should back up your wordpress files sometimes to prevent the lost of data if someone hacks your websites again. Wish you luck! Hope the site will be back!

Trang
July 10th, 2009, 8:58 am
Hi Rin,
i really love your blog theme. Can i ask you share it to me and my wife. I think my wife will very happy when we use this time.

Thousand thanks

Nam Le
July 23rd, 2009, 3:35 pm
came to you via the beautiful rin-wendy block and I am really shocked to hear that. Hope you will be back professionally soon.Let me know, when you are!

All the best and Greetings from Germany!
lothar

Lothar
July 24th, 2009, 6:39 pm
I just read somewhere that there’s a bug in wordpress that someone can just get to your wordpress installation script and reinstall your blog and then gain imediate admin access.

You need to delete the install.php script inside wordpress after successful installation.

If you don’t delete the file anyone will be able to reinstall your wordpress.

victor
July 28th, 2009, 7:03 am
Dulceè¯´çš„æ˜¯æœ‰å¯èƒ½çš„ï¼Œå½“é…ç½®æ–‡ä»¶ä¸¢å¤±çš„æ—¶å€™ï¼ŒWPç¡®å®žä¼šæç¤ºè®¿å®¢â€œæ˜¯å¦é‡æ–°å®‰è£…â€ï¼Œå†µä¸”å¦‚æžœçœŸæ˜¯ä»–é»‘çš„ï¼Œåº”è¯¥ä¸ä¼šç•™ä¸‹åå—ã€‚

ç›®å‰æœ‰ä¸€äº›ç½‘ç«™åœ¨ä½¿ç”¨è´µç«™çš„ä¸»é¢˜ï¼Œæ˜¯å¦ä¸Žè¿™æ¬¡çš„æ”»å‡»æœ‰å…³ï¼Ÿ

å»ºè®®æ¥¼ä¸»å†·é™æ€è€ƒï¼Œå¹¶æ”¶é›†ä¸€ä¸‹æœåŠ¡å™¨ä¸Šçš„æ—¥å¿—ï¼Œå†è¯¦ç»†çš„æŸ¥ä¸€ä¸‹ã€‚

cuikai
July 29th, 2009, 4:08 pm
è¿™æ˜¯ä¸€ä»¶ä»¤æ‰€æœ‰äººéƒ½å¾ˆé—æ†¾çš„äº‹æƒ…

o(â•¯â–¡â•°)o

SW-27
July 30th, 2009, 1:32 pm
I am sorry for you Rin… it should not happen to you..
o(â•¯â–¡â•°)o

vinoth
August 2nd, 2009, 7:01 pm
æˆ‘æ˜¯ä»Žhttps://rin-wendy.com/çš„è¿žæŽ¥æ¥åˆ°è¿™ä¸ªåšå®¢çš„ï¼Œåœ¨æˆ‘çœ‹æ¥è¿™ä»¶äº‹æƒ…å¹¶éžé»‘å®¢æ‰€è°“ï¼Œä»»ä½•ä»¥ä¸ºé»‘å®¢ä¸ä¼šé‡‡å–è¿™ç§æ”»å‡»ç½‘ç«™çš„å½¢å¼ã€‚è€Œå¯¹äºŽWordpressæœ¬èº«å¦‚æžœä¸¢å¤±wp-config.phpæ–‡ä»¶è€Œåˆå˜åœ¨wp-config-sample.phpæ–‡ä»¶æ˜¯å…è®¸é‡å¤å®‰è£…çš„ï¼Œå†ä¸‹ä¸€æ¥ä¼šæç¤ºè¾“å…¥æ•°æ®åº“ï¼Œå¦‚æžœè¡¨å’Œæ•°æ®åº“ä¿¡æ¯æ˜¯ä½¿ç”¨çš„ä½ åŽŸæ¥çš„ä¿¡æ¯ï¼Œé‚£ä¹ˆè¿™ä¸ªæ•°æ®æ˜¯ä¸ä¼šä¸¢å¤±çš„ã€‚ä½†æ˜¯å¦‚æžœä½¿ç”¨å¦å¤–çš„æ•°æ®åº“æˆ–è€…è¡¨çš„å‰ç¼€ä¸åŒï¼Œè¿™æ ·æ‰ä¼šé€ æˆé‡è£…ã€‚å³æ—¶è¢«é‡è£…äº†ï¼Œä½ çš„WEBæ•°æ®ä¾ç„¶å˜åœ¨ï¼Œåªæ˜¯å‡ºäºŽæ²¡æœ‰æ¿€æ´»çŠ¶æ€ã€‚ä»Žç†è®ºä¸Šæ¥è¯´Dulceæ˜¯ä¸å¯èƒ½çŸ¥é“ä½ æ•°æ®åº“ä¿¡æ¯çš„ï¼Œæ‰€ä»¥åœ¨ä¸Šé¢çš„æŽ¨æµ‹éƒ½ä¸å˜åœ¨ã€‚
é‚£ä¹ˆåªæœ‰ä¸€ä¸ªå¯èƒ½ï¼Œä½ çš„webæ•°æ®æ˜¯å®Œæ•´ï¼Œå¹¶ä¸”æ²¡æœ‰ä¸¢å¤±wp-config.phpï¼Œé‚£ä¹ˆwordpresså°±å…è®¸ç›´æŽ¥è¾“å…¥åšå®¢åç§°å’Œé‚®ä»¶è¿›è¡Œå®‰è£…ï¼Œè€Œè¿›è¡Œå®‰è£…å¿…é¡»æ˜¯ä½ çš„æ•°æ®åº“ä¸åŽŸæ¥çš„è¡¨æ˜¯ä¸å˜åœ¨äº†ï¼Œå¦‚æžœå·²ç»å˜åœ¨å°†ä¸èƒ½è¿›è¡Œå®‰è£…ï¼Œæ‰€ä»¥æˆ‘è®¤ä¸ºæ˜¯æ‚¨çš„æ•°æ®åº“å‡ºçŽ°é—®é¢˜ã€‚

è“å†°
August 10th, 2009, 6:35 pm
å¦å¤–ï¼Œæˆ‘å¾ˆæœŸå¾…æ‚¨çš„æ–°ç‰ˆæœ¬ã€‚

è“å†°
August 10th, 2009, 6:38 pm
Hi Rin,

sorry for you, an excellent idee to use a site for two persons.

It is possible to use your rin and wendy themes for my own site?

kind regards and good luck
Michael

Michael
August 11th, 2009, 6:58 pm
hey, rin,

it’s very ridiculous~~

i know that guy who hacked your site…

but from my perspective, he is not that kind of person, and additionally,he is not that capable…

you can visit my web site, and find him.

He always leaves comments at my blog.

nooidea
September 27th, 2009, 8:56 pm

WTF happened to my portfolio site?

30 comments to date:

Leave a Reply

Pages

Featured

Categories

Archives

Tag Cloud

Member of