Some of you have noticed that the blog was unavailable and/or triggering virus warnings for a good part of Thursday and Friday.
I would like to apologise for any trouble this may have caused you.
The website was hacked by malware, and subsequently added in google safe-browsing blacklist. This would have caused most of you to see a red warning screen in your browser, when trying to access the blog.
The hack was a scripting exploit, most likely making its way through the site via security vulnerabilities in WordPress (blogging platform I use) and injecting parasite code in genuine WordPress files.
I actually caught this infection fairly early and removed/fixed the incriminating files quickly – but the blacklist marking in google safe browsing records take a long time to be lifted, once a site has been cleaned (
as of now, a review by Google is taking place after their latest malware scan declared the website clean UPDATE: the site has now been marked clean by google in their safe browsing records).
In case you managed to visit the site in the last two days, it is very likely that the site was already clean (as I removed the hack as soon as it manifested itself) or that any malware code would have been caught by your antivirus.
Nevertheless, here is more information/links regarding this issue:
- Estimated time where the site was infected: Thursday 10/02 between 12.00/14.00 GMT – 07.00/09.00 EST – 04.00/06.00 PST.
- Google Safe Browsing Diagnostic page (provides more details on the issue). Note that the website appears to have been scanned on the 11th Feb (today) with no trace of infection any more.
- Recommendations from stopbadware.com for internet users. If you are worried that your computer might be infected, please follow their guidelines to identify and remove malware, as well as protect yourself going-forward.
This is obviously a very frustrating experience for you and for me – and I am working towards a complete sanitisation and on-going protection.
I have been talking with the support team of my hosting company to understand the root cause of the attack. I am also reviewing security settings and potential WordPress installation issues in order to avoid this going forward.
Thanks for bearing with me while I try to eradicate the issue completely. I am considering several options, including a full wipe of the website and fresh reinstall or changing hosting company.
I will write an update on this when the issue is fully resolved.