SQL Injection, Malware & Google Alert!

About a month back, I received an email from Google’s search quality team. The subject of the email was somewhat shocking. It was all about the possible malware infection and download activity from my pages.

My initial reaction was, ” It’s possibly one of those millioqn dollar lottery emails. ” but when I saw the intermediate red warning page that Google presents to visitors about ‘Reported attack sites’, I was speechless. Who could do this to me? I asked myself. Couldn’t find a soul to blame. Later, realised, other was possibly one of those plugins which I installed lately.

What happened was, I installed few WordPress plugins from ‘not so reliable’ source and using the poor scripts some malicious codes were injected to my database. Not only this, this infection spread among all of my mySQL databases which hosted WordPress. On all of them, WordPress’s content table wad injected with SQL snippets which added forwarder links to malware sites.

Soon, I took my sites offline and due to lack of time, it actually took me nearly a month to recover. I am very to be back on line. I lost quite a few of my old posts though.

Happy blogging for all.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.