The Reid Report, (authored by Joy Reid, long-time South Florida political blogger), is the victim of some sort of hack which has resulted in malicious software being downloaded and installed onto computers visiting the site, without the users knowledge or consent. Firefox browsers should block the site from loading and inform users that it is a Reported Attack Site. Internet Explorer users will not have that protection against infection of their systems.
BlogNetNews Florida recently removed Joy’s blog from its feeds, and Twitter has already expunged updates from the floridaBNN Twitter feed which linked to The Reid Report. These security measure are necessary to avoid spreading malicious software to unwitting visitors to her blog.
FPC has not yet removed our blogroll link to Joy’s site, but I strongly suggest that no one visit her blog until the malware problem is taken care of. [Update: The site appears safe to visit now.] If you have visited the site recently, I urgently recommend scanning your system with a reliable and recently updated anti-virus program. (The free version of Avira AntiVir is a good tool for this purpose.)
In a recent post, Ms. Reid complains about being banned from Twitter and relates that she doesn’t know why. The likeliest reason is that links to malicious sites cannot be tolerated by Twitter management and that her blog is currently blacklisted by Google. (@joyreid on twitter)
As the technical adviser for FPC, the security of our site is one of my prime responsibilities. I’ve done everything possible to harden our site against attacks and to keep any vulnerable software platforms we’re using up-to-date. Many bloggers do not have the skills and the specialized knowledge to harden a site as we have done here. Other progressive Florida bloggers should take notice of what has happened to The Reid Report and consider that their own sites may have vulnerabilities that they are unaware of.
If you use WordPress as a blogging platform, keep it updated. (Also, some older WordPress templates expose vulnerabilities that can be exploited by hackers. Keep those templates updated, as well.)
If you install code-scraps and widgets that point to domains you don’t control, be sure that you trust the source.
Make regular backups of your databases and files. This may be a pain to do, but it is far easier to restore clean copies of your data than it is to scour malicious code from data that has been compromised.
Choose strong passwords and guard them. If someone has your password, they can do all sorts of nasty things that you’ll have to deal with.
If you use Gmail, be aware Google’s email service is vulnerable to certain hacks, especially cross-site-scripting, (XSS). Don’t have Gmail logged in and open while visiting other sites. (Tabbed browsers make this easy to do.) Make sure that you inspect your Gmail filters regularly, (look under Settings –> Filters), as some attacks use these filters to forward your emails to malicious people. If you didn’t create the filter, delete it and change the password for your account.
Take precautions and adopt safe surfing habits. Don’t use Internet Explorer, choose a safer browser, like Firefox. Always use an anti-virus program and scan your system regularly.
Florida’s progressive blogging community deserves to be heard: Don’t allow the hackers to silence you. What happened to The Reid Report was preventable. I hope that Joy can get this cleared up quickly, so that we can once again enjoy the insight and observations that her blog has long provided us.
Update: Joy Reid is cleaning up the mess and shares some of what she’s learned while dealing with the problem. Via email:
It appears that I have survived the hack attack. Thanks again for the heads up, and now I’ll have the fun of trying to undo all the link damage whoever this hacker is has caused me. You’ve got to love the web! Also, to add to the tips you posted on your site, here are some additional things I was advised to do by the Google Webmaster tools gurus:
1. delete manually added digg code. Apparently, digg has some serious security vulnerabilities, and I had digg code on posts last October that were the source of my problem.
2. don’t use outside stats counters! My other security hole was goodstats.org. If your web host doesn’t offer stats, use their raw log instead, and forget the counters.
3. turn OFF frontpage extensions. It’s something most people forget they even have, since I don’t think anybody even uses Frontpage anymore, but apparently leaving that enabled opens your site to hackerdom.
The site appears safe to visit now, and is no longer blacklisted by Google, so drop by The Reid Report and learn how she survived the hack attack. If you are a progressive Florida blogger, I suggest that you show solidarity against the hackers by adding a link her site to help her regain some of the Google-juice that the exploit stole from her. (Remember: This could happen to you one day.)
Wow. Thanks for the warning, Dave. I had no idea this was going on. I hope it’s an isolated incident and that Joy can clear it up soon.
I do use Firefox about 95% of the time, so I hope that helps. You mention how to deal with these problems on WordPress — is there any special advice for Blogger, which I use?
Blogger is fairly secure, as Google plugs the security holes pretty quickly. The real weakness is the username/password entry point. If someone gets your login info, through phishing, keyloggers, or cracking a weak password, you are screwed. Scan your system regularly, use a safe browser and create a strong password.
Be very careful when adding code scraps to your template file. Make sure you trust the domain where the .js files are hosted, as these javascripts can be used to inject any kind of nonsense into your pages.
Make regular backup copies of your blogger template.
I haven’t played with Blogger in a couple years, so I’m no expert on it, but I haven’t seen many exploits that Google didn’t immediately address. WordPress and other php-based blogging platforms are constantly updating the code to prevent exploits, but unless you keep the software on your domain host up-to-date, you won’t have the protection.
Keep your computer clean from viruses, trojans, and keyloggers. Surf safer with Firefox or Chrome. Always look at the address bar when asked to login, making sure that the correct URL is displayed, in order to develop a habit that will save you from any phishing attempts.
It’s much better to take precautions against exploits than to deal with the consequences of being hacked. The Reid Report was blacklisted by Google, which effectively kills PageRank and search-engine credibility, even after the problem is resolved… Not a good thing to have happen to you.
Joy Reid responds to an email I sent this a.m., and thanks me for the heads-up. She says: “I’m trying to resolve this now. What a freaking mess…”
Thanks again, Dave, for all your FABulous tech genius work.