
Labnol: Our Theories On What Happened
- Updated On 23/04/2017
- Author : Namanyay Goel
- Topic : Security
- Short URL : https://hellboundbloggers.com/?p=44827
Labnol (or Digital Inspiration) and all of Amit’s other blogs and websites were recently taken down by hackers (fortunately, they’re back now).
Here are a few theories on how the hackers gained access, and how you can stay safe.
What we know –
- All sites by Amit were deleted
- The hacking happened before 30 June 11:32 PM, most probably within a 24-hour timespan.
- They were up and running around 1st July, 9 – 10 PM.
You can refer to Amit’s tweet here: https://twitter.com/labnol/status/219317563564367872
How did the hackers get in?
There are many theories on this. Here are a few of them, ordered by plausibility –
- 1. Bruteforce attack on cPanel – If Amit Agarwal had a weak cPanel password, there is a chance that it was bruteforced. Bruteforcing is a technique in which the attacker tries as many password combinations as he can, usually starting with dictionary words and then including numbers, names, birthdates, and so on. If the sites were hacked using bruteforce, it could’ve taken the hacker around 1 – 25 hours.
- 2. Learning Amit’s password elsewhere, then trying it on cPanel/WordPress – If Amit used the same password on every site, hackers could’ve cracked a smaller, weaker site he had registered on, got his credentials, then tried them on his cPanel/WordPress. If they worked there, the hackers were lucky; if not, they might have figured out a pattern in the password, which they then tried applying to his cPanel/WordPress. LinkedIn was recently hacked. Could it be that hackers got Amit’s password from there, and then used it on his blog?
- 3. Exploiting a WordPress plugin – If Amit installed a plugin recently, it could be that the plugin was vulnerable, and hackers got access by exploiting its vulnerability.
- 4. Exploiting WordPress’ Vulnerability(ies) – Now, this may seem the least likely to you, but there’s still a small chance that one of WP’s loopholes was exploited.
If you believe that WP doesn’t HAVE any loopholes, think about this:
What are those “fixes” that are done on every version of WordPress?
Uh-oh! What can I do?
- 1. Try to change your cPanel username. You have to contact your host for this. Most hosts don’t entertain this change, but if yours does, you’re a lucky person :D.
- 2. Increase your password strength. Your password should be at least 12 characters long, preferably with a few numbers and special characters mixed in (!, 1, 7, *). The way this comic shows is okay too. Below I have listed some useful resources for a secure password.
– Tips For Creating Secure And Strong Passwords
– Is Your Password Hackable? [INFOGRAPHIC]
- 3. Change your WordPress username. If people know your username, they already have one piece of the puzzle in place. Your name shouldn’t be the username, and the generic “admin” is the worst. Changing your username gives an extra level of security. (Also, make sure your nickname, which is shown on comments and posts, is different.)
- 4. Keep different passwords everywhere. If Amit’s blog was hacked using #2, it’s a good indication that you too need to have different passwords. For example, if the password to your Facebook account and that shady site you were suspicious of are the same, that’s certainly not a good thing.
- 5. Keep making regular backups. Back up your database, your WordPress posts, everything. Here are some useful posts about “WordPress backup”.
– Using phpMyAdmin To Backup WordPress Database
– Solid Tips For WordPress Backups [Simple Guide]
Conclusion
I hope that the hacking of a big site like Labnol teaches everyone a lesson: you are never too secure. Be sure to follow the above tips, and you’ll (most likely) be safe.
This article is written by Namanyay Goel. He’s a freelance web and graphic designer. He blogs at Mos Le Tech, where you can find design articles, tips and tricks, and tutorials.
Comments
54 Comments
Gaurav Khurana
Scary to know such things. So how much time did he take to restore all of them?
Hayesh Patoliya
Labnol is a very good blog of technology. It had been some time since I visited a website with such quality information.
Jignesh Rathod
Reason 2 also seems likely… that many people often lose their accounts because of that!
Whatever the reason was, I just stopped at the tips you provided for account safety in a few words… excellent! They are alarming before it’s too late. Thanks for sharing! I also like the way you take time to respond to most of your readers’ comments. Keep it up! Keep writing.
Jignesh Rathod
Here was an update from Amit on what happened: http://www.labnol.org/home/update/21466/
Stefan Jordev
It is probably a case of the same password being used on many accounts. Because, at least for me, the theory of brute force on cPanel is not an option. It would be extremely difficult.
Atul Dobariya
Labnol blog is a very nice and great blog in the world. 12 hor. hack blog.
senthil
Nice post. New bloggers must learn how to prevent their sites from hacking.
Kashish Jain
That’s a nice piece of information.. Making a strong password helps if the attack is only via BruteForce.. The remedy to BruteForce is using the ‘Login Lockdown’ WordPress plugin… works good for me.
Kunal
WP has become too vulnerable to hacker attacks now. Amit was quick enough to reinstate his blog. It’s a must learn lesson by one that WP blog backup is must. If not attacked by hacker there are other ways your blog can be down. If a proper back up has been made, the blog can be back again..
Namanyay Goel
Disagree. WP is, and always will be secure. It’s not vulnerable. Vulnerable is the CPanel, or any plugin.
I agree to rest of your points, that backups are essential.
Thanks for commenting.
Priyanka
nothing’s safe here.. good post btw
Namanyay Goel
Thanks!
JamesW
I’m glad that he got his business back, he feeds his family with those websites.
If someone needs money, he/she needs to work hard. Amit didn’t get everything by being lazy, but from his hard work. Really, I will never understand those kinds of people that breach into someone’s life and try to destroy it.
Great post Namanyay, thank you for sharing this information.
Namanyay Goel
Yup, good the hacker spared the database.
Maybe he just wanted attention..? Many hackers don’t have anything to gain from this.
You’re welcome! Thanks for commenting.
Avi Jit (@skyhitblog)
I don’t think Amit ji was using an easy pass. Maybe the hacker has done it using some plugins.
Namanyay Goel
Yeah, it could be that too..
Carl Potts
I’ve wondered for a while just how secure is wordpress once you do the obvious such as ensuring there is no account called admin
Namanyay Goel
Haha, yeah. And the CPanel has to be uncommon too!
Suchit
Amit always rocks. He comes back with the same stage whatever happened.
Namanyay Goel
Actually, he didn’t. Two of his sites are still down.
Mr Invicto
Must read for all wordpress users … this can happen with you too.
Namanyay Goel
Yup it can! Read the posts to secure yourself to a certain measure..
Atish
This news was too shocking for me because Amit is one of my favorite bloggers. Thank God he had the backup. Nice tips.
Namanyay Goel
Yup, really unfortunate.
Glad you liked the post, thanks for commenting!
TrickTacToe
I wonder what hosting service he was using 😕
Namanyay Goel
Dreamhost, but I’m pretty sure it’s not the fault of the host.
TrickTacToe
What about SQL injection? Is that relevant?
Namanyay Goel
I don’t think so, any SQL injection loophole would be long discovered…
Praveen
SQL is to hack database. Amit said his database was left untouched.
It’s sure thing that his cPanel was hacked.
Chris @ NPI
We must be prepared for everything. Automated backups and changing password from time to time are very important
Namanyay Goel
Yes, we should always be prepared! Thanks for your comment!
Prakash
It’s very disgusting to face such types of situations. I once faced this situation, but it was limited only to my WordPress, and I got it back easily.
Nice post thanks for sharing it………
Namanyay Goel
Yes it is very sad to see blogs hacked :/
Glad you got it back easily!
Welcome, thanks for commenting!
Pradeep Bhandari
Well the thing is that if the Blogging Guru can get hacked then we are not safe :O time for more security.
Namanyay Goel
Yup!
There’s also one thing we can do – Don’t rank high! 😛
Then there will be no motive to hack us! 😛 😛
Bharat Chowdare
FYI: Labnol is only Up and Running. His remaining blogs including http://blogschool.in/ and http://ctrlq.org/ are not yet live. The positive side is he got backups and seems like Amit is working to get images also.
Namanyay Goel
Thanks for the info!
Hmm… Weird he didn’t get other blogs back.. But as said on his blog, due to the unfortunate and untimely death of his grandfather, he isn’t paying much attention to those blogs.
Sandipan
Who would have imagined that of all people Amit’s website would be hacked.
Namanyay Goel
Yup! Goes to show that we aren’t safe :/
Wpfix
A complete backup is very helpful in these situations. We can get the site working again as soon as possible. Every WordPress user must take a complete backup of their websites or blogs.
Namanyay Goel
Yes, every blogger should back up!
SUNIL KUMAR
Good & Informative article. Thanks for sharing this.
Namanyay Goel
You’re welcome!
Zenil Shroff
Happened with me some time back, the entire hosting server was hacked, maybe this was the case with Amit too.
Namanyay Goel
Yup, this may be. Fortunately, he had backups, so it’s alright now 😀
Anurag Kumar
It doesn’t seem right in first instance “Bruteforce attack on cPanel”…Why would anyone think that Amit has a weak password combination…Isn’t he aware of all this…
He has written on his blog regarding “Strong Google Password Combinations, after his Google Apps account was hacked”…The possible chances can be “WordPress Vulnerability or any of its plugin…
Amit wrote on his blog “this fellow was kind enough to spare my databases and hence the main site is at least up and running now”…Why would that fellow spare his databases when he deleted every single file/website that was hosted on his server…
It could be anything now…any theory 😛
Namanyay Goel
It was just a guess! It COULD be that he has a weak password, we can’t be sure 🙂
Maybe he was just stupid, or didn’t want permanent harm to labnol. Hackers can be kind too! 😛
shivam
Even I think it was “Bruteforce attack on cPanel “…………!!
Namanyay Goel
Yes there’s a strong chance of that!
Thanks for commenting!
Praveen
For bruteforcing cPanel… hackers should know the username. So I don’t think it was a bruteforce attack on cPanel, or there are chances they just guessed the username.
Namanyay Goel
Yup, they must have guessed the username.
Anurag Kumar
Hacker was kind enough when he hacked Amit’s Google Apps account “Leaving a message for some amount of money and didn’t harm anything” and this time “he didn’t do anything to databases”…
Amit has got luck with these kind hackers 🙂 Anyway Curse those hackers…
Namanyay Goel
You also have to think the motive of people.. Who would want to just blow away a number 1 site? Nobody, right? It’s obvious that hackers need either attention, or money.
pavan deshpande (@hdpavan)
harm to labnol and amit agarwal , hacker should be punished