Yes! Progress with the new hot search archives

Like I mentioned in the previous post, we've been working on the hot search archives. And I've been messing things up :(

Fortunately I just fix a major problem on the new archive! Too bad we have not released it yet, so you cannot see my good work :(

oh, well.

The good news is that it is working as we had hoped and soon it will be released!

We were down this morning

I woke up this morning to find that Niponster was suspended...

Can you imagine my surprise?
And then, to my no small mortification, I opened my email account and found the following from our webhost:

"Hello,
We are emailing you to inform you that your account is suspended due
to AUP/TOS violation. We received a notification from our upstream provider that
your website was involved in using a trademarked name and pictures to
fraudulently gain logins and passwords to accounts. As per our TOS, we have
suspended your website."

About now I am gulping hard and wondering what in the world could have happened. I know that I haven't done anything, but I gather from the email that they are accusing me of phishing. How can that be?

We had had a problem with crackers before on another website so my mind immediately raced back to that experience. I thought, "It must be the work of crackers. Somehow they have hacked into my site and planted their phishing page."

I will save you a long read and let you know that that is what it was and that the situation was all resolved by this afternoon and everything is back to normal.

I would write more about it, for those of you that have websites that might be similarly targeted but I don't want to bore the rest of the readers. If you want to know more about how I corrected the problem please contact me and you can also find out about how phishers are hijacking websites in this article (http://news.zdnet.co.uk/security/0,1000000189,39202003,00.htm )

-Tori

RE: uh, oh.

We had some technical difficulties today. Good thing James recognised it early! It is all taken care of now.
Onward we go!

-Tori

Part V: Hackers cracking sites & hijacking your email to send spam

If you missed them (and have way too much time on your hands) here are the other parts 1,2,3 and 4.

I decided to write a part 5 for all of the people coming in from search engines, digg, and reddit who are interested in information about having you site hacked and what you should watch out for.

ATTENTION WEBMASTERS:

Even if you get your site back up and running you may still need to watch out for this...

* Hackers may hijack your email account to send spam *

Our webpages that were hacked were running on a content management system (CMS) called PHPIZABI.

From what we can tell the hackers accessed some of the administrator functions through a whole in the older version of the program (this is why you always want the newest version!)

We were fortunate and they weren't able to or decided not to cause much damage.
But I suspect now that more than damage they might have been looking for email accounts to hijack.
Why do I suspect as much? Because I received this email in my gmail account:





This email came from the email that was registered on the admin page of the site that was hacked. I created this email account in cPanel, had the account been a gmail account I'm sure this would not have happened. I figure that they might be using some program to send out spam because since an email came to my other email account then the program must be emailing addresses from my address book.


In Good Company:

We are not alone by any means in having our email hijacked. Just check out this Google search:http://www.google.com/search?hl=en&q=hackers+hijack+email


The results include stories of popular sites like "million dollar website" and even WIKIPEDIA.org having their email accounts hijacked and abused to send spam and malware.


So what can you do if you are hijacked?

In my case I was fortunate again, I was barely using the email account that was hijacked so I just deleted it.



I researched some information on other actions one can take but it doesn't look hopeful:

http://www.mailsbroadcast.com/email.broadcast.faq/45.email.hijacked.htm



http://answers.yahoo.com/question/index?qid=20060918201000AAa071G

This search was a little better:
http://www.google.com/search?hl=en&q=fighting+email+hijack&btnG=Search

Sorry if that doesn't help,
-Tori

Oops...

oOpS


We just received feedback from a user notifying us that the archive links for this blog were dead-links (links that lead to non-existent pages).

After beating ourselves up about about not catching the error earlier we fixed the problem.
Like we've said before, to err is human but your forgiveness is devine :)

To the user, thank you for the feedback. We really appreciate all feedback, it really helps us make Nipponster better for you.

Keep giving us your feedback!
-Tori

p.s. sorry about the previous pic. scary.

the "hot search" tag cloud is back! and the admins rejoice

Thank God!
the hot searches were down for about a day or more and I was really worried. Thankfully they are displaying again. I can sleep now...

-Tori