I suspected it a few weeks ago when my Google news reader included some garbled code along with my blog’s usual RSS news feed content. Everything then seemed ok, so I let it go. Then Matt Hurst emailed me over the weekend to let me know the homepage of this blog was publishing links to dozens of MP3 download sites in the footer. It was true: Some Internet scum hacked my blog.
Considering the malicious links were appearing in the footer, I went into the footer template of my blog software and deleted a line of code that traced back to Felix Ker. It seems the malicious links have disappeared, but now I’m investigating for further damage and vulnerability. (If you notice anything suspicious, please let me know. The hacker’s publicly viewable impact was invisible to me whenever I was logged into my blog software.)
For the record, I downloaded an enhanced version of Liew Cheon Fong’s three-column Kubrick theme from Felix Ker, which I used partly to create this blog’s layout. Considering Fong, a well-known blogger and coder, acknowledged the availability of the Felix Ker version, I figured it was safe. Perhaps it is safe and I was hacked through some other vulnerability. If you have any insight here, please let me know.
Either way, I’ll be updating to a new theme shortly and taking additional steps to protect myself. If you have any recommendations or suggested reading, please let me know.