Cyclelicious Hacked!

If you’ve visited Cyclelicious anytime Friday through this morning, your PC may be infected with Malware.

Several hosting providers — including mine — were hacked yesterday, and this attack continues through today. Cyclelicious, along with probably hundreds of other blogs and websites, are victim to this hack.

I’ve cleaned the malicious code from Cyclelicious, so this should be safe to browse again. I feel very badly about this, and I’m looking to see what I can do to prevent this from happening again. I’ve been unhappy with GoDaddy’s service lately with poor uptime and performance, and I pay money specifically so I don’t need to deal with security issues such as this.

The hackers injected code into several webpages that redirect your web browser to automatically download Malware — in this case, I believe the malware installs fake antivirus software that extorts money from their victims with incessant popups telling you your PC has been infected. Even if you see no obvious signs of malware, you’ll want to run a malware scan.

16 Comments

  1. This type of attack against WordPress sites has been going on for several months. The usual culprit is a vulnerable plug-in, but plenty of responsible publishers with fully patched sites have been hit.

    Thanks for cleaning up the mess, Richard.

  2. Sorry to hear about this and thanks for letting us know. I was at your site on Friday, but am on a Mac so I think I’m okay. I’ll need to check to see if my site had the same thing happen as you.

    Darryl

  3. why I have a mac for surfing and a PC for Doing Mainstream Stuff for the Masses. Now, to get back to that Powerpoint…

  4. And how would this affect me on my Mac? Oh right, carry on then! Hehe! I’ve been pretty darned happy with BlueHost for my domains and space (the unlimited space is kind of awesome!).

  5. I’m curious — what does Safari or other Mac browser do when it comes across a javascript redirection to a malware site?

    For the record, I posted the note for the benefit of approximately 5% of Cyclelicious users who are vulnerable to malware like the Hillary Kneber hack from the weekend. About 70% of visitors use some version of Microsoft Windows, fewer than half of them are using Internet Explorer, and about 20% of that population are using a vulnerable, older version of IE.

  6. What happened to the hubfinder tool? It gives a weird error message: Fatal error: Cannot redeclare class soapclient in /home/content/r/i/c/richardmasoner/html/hubfinder/nusoap.php on line 4104 What is that all about? http://www.cyclelicio.us/hubfinder/ hasn’t worked for a couple days now. Was it affected by the hackers too?

  7. I finally changed my default PHP from PHP4 to PHP5 and I didn’t even notice hubfinder was broken until you mentioned it! Thanks for bringing this to my attention, but it’s probably going to be next week before I can fix this (busy busy busy!) So sorry about that.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.