You Wouldn’t Wish This Could Happen to You 2
Yesterday I mentioned the website that was paying Google (via Adsense) to show people a blank page and I also mentioned the server problems we had been having. I also happened to share our server problems with a friend via ICQ. This morning he woke up to his own server problems.
He and his business partner run a small business that involves a number of online jewellery stores complete with shopping carts etc. These two guys are very technically minded and the handle all their own server issues themselves as well as writing their own software too. But for their jewellery stores they use a shopping cart script and add-on modules written by someone else.
This morning our friend woke up to find that someone had gained access to their server through one of those add-on modules and added a malicious toolbar to every page on every site that was on that server. That meant that anyone visiting their sites, no matter what page they went to, was instantly downloading the toolbar and basically losing control of where they wanted to go on the Net.
It took both guys all day and some of the night to track down ever instance of that malicious code and remove it from their server. At the same time they lost a full day’s worth of sales and quite a few customers as well because no one is going to go back to a site on the Web where they picked up something as nasty as that.
The moral of the story? If it happened to them it could certainly happen to you so, if you’re running anything out of the ordinary, it pays to have the technicians, at the place that is hosting your site, go over your sites to look for anything that might allow someone access to your server without you knowing.
Our friends knew what they were doing and yet they still got caught. If you’re in any doubt get someone who knows what they’re doing to check out your sites and assess their vulnerability.
