Hacked, Restored and Disappointed

October 14, 2009 · by Miyuru Sandaruwan · in

Last night, I finished writing an article on Kingfisher Airlines and tried to log in to the site to publish it. Suprisingly enough, I had been logged out and even more suprisingly, my administrator account had been deleted.
Someone had hacked the website.
This website runs on WordPress, a premier blogging software. Apparently, the hacker used a method that had not been discovered or tried before.
WordPress had a security flaw in its earlier versions where one could reset the password of the account ID 1 ( on most websites, the automatically created admin account upon an automated installation ) by a tweaking method, however this could not have been used in my website because..
1. The website was running on the latest stable version which in fact was a security release that fixed the aforementioned bug
2. As far as I remember, I had deleted the automatically created admin account, deliberately for security purposes
3. Even if I had not deleted it, it would still be assigned to an email address of mine hence I would receive any notifications for a password change request

However, the hacker had somehow used the Forgot Password function and reset the password for the automatic admin account and only the hacker knows the method he used. Not stopping by this, he had also gone the extra mile and deleted my own administrator account.

The attack had taken place between 6pm-10pm IST, yesterday.

I tried my best to figure out what was going on, exercised all security measures I could, asked a few WordPress experts that I knew for help and had a largely sleepless night.

However, I could regain control of the website this morning via a special WordPress security method ( which I would not post here on security measures ).

The drama ended that way. But it has left me really disappointed.

This website was a brainchild of mine ( much more than any of my other sites ), it was pretty close to my heart and I was really glad on the success it could achieve. I used it solely as a ground to express my opinions. But I knew that there were some who could not afford to see the success the website and I was gaining.
Most of them were jealous at what a young man of 18 was doing which they could not do at twice or thrice my age.
I feel like it has taken away my interest in writing about aviation, which was probably what the hacker wanted to achieve. I have been really disappointed by how cruel could one be at another’s future and the whole incident has left me with memories of a very unpleasant experience despite the successful ending. But I might not give up..

However, you need not have any fear about browsing this site at all as it was not infected by any kind and I have also done a complete virus check to make sure it is safe to browse. Have no fear about WordPress as well, as it is a highly reputed and the most actively developed blogging software in the world. Not to mention that it is also the world’s most popular blogging software . Whichever the method the hacker used could not be a security in flaw in WordPress as well and I am sure that if there was any flaw in WordPress, the developers will immediately release a security release within today.
So, keep visiting and I have made sure the site is safe to browse .
Thank you !