Hacked! How we got attacked by malware fiends and lived to tell the tale.

Yes, my Web site was hacked. What was almost as damaging, though, were the tools set up to warn people about it.


It's one thing to write about hackers, scammers, and malware, as I've done for various venues for the last 15 years. It's quite another to experience the nastiness first hand. Yesterday it was my turn. Here's my story.

Last night around 7 pm I Iogged onto my occasionally NSFW humor site, eSarcasm, to post something snarky. What I saw though, was something different and much scarier than usual -- A big fat warning sign from Google Chrome:

google chrome malware warning

Uh oh, I thought. That couldn't be good. But surely it's some glitch. Why would hackers target us? (OK, I can think of a few reasons. Maybe it was one of those humor-impaired Craigslist strippers we'd been mocking lately. We know Apple fanboys don't like us much. Or possibly 4chan's legions had stumbled onto our site and found something displeasing.) So I checked with my partner in snark, JR Raphael. He was seeing it too.

[ See also: How to murder a Flash cookie zombie ]

We tried other browsers. Firefox displayed a magenta page that directed users to StopBadware.com, a site co-sponsored by Google and Mozilla designed to steer people away from malicious Web sites. My Firefox NoScript plug in confirmed that, sure enough, a script trying to redirect to brnighome.com was running on our home page, but only some of the time. And we could find no evidence of any links to brnighome.com anywhere on the site.

Now what do we do?

We sent a panicked note to our Web host, Doreo, hoping someone was manning the support lines after hours and would take pity on us. In the meantime, we took the site offline and searched for information about brnighome, which was scant.

Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question