It’s hard to describe the feeling of being hacked. Anger. Embarrassment. Panic. The questions flood your mind: Who did it? What were they after? What did they get? What should I do?
There isn’t much you can do to answer the first few questions, but as far as what to do, you must take action quickly. If you’ve been hacked, time is NOT on your side.
Follow this guide to dealing with a digital intrusion into your blog.
Hackers are always looking for complacent bloggers who let their defenses down.
Save Hacked Pages
Before you do anything, save the corrupted webpage to your hard drive. This will be crucial if you decide to make a report later on down the line. Also, it will be hugely beneficial for the purpose of screenshots if you decide to blog about your experience as a warning to others. Depending on your browser, it’s something like: file, save as, choose location (NOT your C drive!). Make sure you click the “webpage complete” box.
Contact Your Host
Get your host on the phone, tell them what happened, and ask them to check for any code that was remotely injected into your site. Many blog hacks are attempts to post links to your site or direct visitors of your site to another location. It is possible to discover and eliminate these types of hacks on your own, but your host can likely do it much faster.
Change Your Password(s)
Change any passwords associated with your account. This will likely, at the very least, stop the bleeding and prevent any further intrusions. If you use the same password on multiple accounts (Facebook, email, whatever), change them all. If they know they’ve breached one account, they’re not far from checking to see if your password will work on the others.
Google Safe Browsing Diagnostic
Google has an awesome application that makes identifying threats much easier. With Safe Browsing Diagnostic, simply type this http://www.google.com/safebrowsing/diagnostic?site=http://YOURWEBADDRESSHERE/ into your address bar. Google will tell you if your blog acted as an intermediary resulting in further distribution of malware, if it is listed as suspicious, or if it has ever hosted malware.
If you’ve been hacked, the most important thing you can do is act immediately.
Hackers have been around as long as the Internet. Like cops and robbers, they seem to always be a step ahead of the people and companies who work hard to stop their progress. Protect yourself with smart software options and good security software, but if that fails and your blog is hacked, take action right away.
Also, when the dust settles, try to write a blog post about your experiences. Information is the hacker’s worst enemy!