Blender-addons website hacked

Sad news. Blender-addons(dot)org was infected with malware that caused visitors to end up elsewhere when clicking on a link to the site (for example a link on youtube to blender-addons).
Siteground - support advised me to delete some files immediately and I did. As result the website doesn’t load anymore and I am not sure If I can get the articles back and start from scratch.

6 Likes

I know, it’s not world news. Just writing things of my chest. I thought this would be a safe place to do that. :smiley:

2 Likes

It sucks. Damn hacker bots.

I hope you’ll find a way to recover your site and the previous posts.

3 Likes

Started from scratch. This to ensure the web is safe and clean.
Got a kind of back up, but all has to be done manually.

4 Likes

Damn! Do you know how this happened? I can recommend the WordFence security plugin. It scans all kinds of things to harden your WordPress installation.

1 Like

I think it’s related to Zero-day flaw in File Manager plugin actively exploited
Which is quite in the news since september 3.

Next to the new fresh start, I am going to take extra precautions like that indeed. Wordfence, I’ll check that as well. Thanks.

2 Likes

In addition to @bartv’s advice, my wife (a web developer) recommends WP Cerber Security as a free alternative to WordFence if you don’t like to pay for WordFence.

1 Like

Hmm, it’s paid too? The free version offers very basic protection, I think that’s pretty similar to the non-premium WordFence version.

@Peetie also, note that Siteground makes daily backups of your site. If you can determine when the infection happened, it’ll be very easy to roll everything back.

1 Like

I suspect the infection happened on August 13 and that was exactly that last back up available.
A good thing when starting from scratch is: quite some older post were outdated.

1 Like

I’ll try the WP Cerber Security for non-profits: https://my.wpcerber.com/nonprofits/

2 Likes

Are you absolutely sure about that? All their plans include daily backups:

In cPanel, go to backup tool and select a blue date (the green ones are manual backups):

1 Like

Wow, I found the latest blue one; August 12. And got most back.
You’re a hero Bart!
I’ll ask them to scan, and see if those nasty files are still there.

3 Likes

Looks like you were just in time as they only keep backups for the last 30 days :sweat_smile:

2 Likes

Cool, a happy end after all! :+1::+1:

2 Likes

Not sure yet, they have to do a scan, and see if all is clean. Or if we can clean it manually if that is still need.
Thanks for your support guys. You did all you can. Let’s see.

2 Likes

After reverting the website back to August 12, Siteground (webhosting provider) did a scan and found nothing.

In case you notice redirections to another site, please report it immediately. According to Siteground the website is now clean: https://blender-addons.org/blender-addons-website-hacked/ (If you want to volunteer and check a link).

2 Likes

Just ran a few clicks here and there and all seemed to be working fine…

1 Like

Thanks for trying. Much appreciated.
Sound good so far.

1 Like

I’m glad that it appears no severe damage was done. Still unfortunate and disconcerting though. I’m not seeing any odd behavior also so hopefully all is well. I like your site and reviews (I’m a bit of of an add-on junky also). So I often visit your site. Keep up the good work.

Cheers and stay safe!

3 Likes

@Peetie is this Covid widget supposed to be there? It seems a bit out of place:

2 Likes