Hacked!
June 6, 2007
For those who aren’t aware Dreamhost experienced a security breach. According to Dreamhost, approximately 3,500 accounts were compromised, the hackers taking note of FTP user accounts, user names and passwords.
With this data the hackers, using an automated script of some sort, added SEO links/inframes to every instance of index.html or php.
This is the last straw. I’ve been with Dreamhost since mid-2004 and recommended them on more than one occasion and even went so far as defending them when others complained about slow service or half-baked customer support, the latter being something I never experienced.
Not any more. It’s time to look for a new home.
Over the past two hours I’ve had to comb over my files, looking for anything that could have been stolen and to my knowledge some files might have been removed.
Not only that, but the password I used was one of the best passwords I’ve used in a long time and now, thanks to this, I have to piece together a franken-mash of numbers.
It’s sad because while I represent, according to DH, only .15% of the customers whose data was changed in some way, I just wish something could’ve been done to prevent this.
Yet, who am I to say that web hosting is safe from this kind of thing, which apparently it isn’t. I suppose I wanted to believe that they were impenetrable, even if that was a premature wish.
The culprits added inframes and linkage pointing to offshore sites displaying garbled information; SEO tactics indeed.
On the bright side of things, my entries are safe, every one of them accounted for since 2004. This wasn’t an issue really considering I’ve kept backups of my DB since the beginning and make it habit to do it frequently.
I’m also planning on moving to a new CMS and will be taking the entries with me to preserve for the future, when robots make swiss cheese sandwiches with George Forman machines.
Does anyone out there have any suggestions for a new host?
17 comments
Man, that would make me sick to my stomach. Sorry to hear about it.
I’ve been really happy with both MediaTemple (since they got most of the issues with gs worked out) and Webfaction. My personal sites are located on Webfaction, which is great if you like a little more control of your server configuration.
by David Hemphill on June 7, 2007 at 1:18 am. #
Sorry to hear you got the short end of the stick with this Erik.
I checked my account this morning and, as far as I could tell, there were no hacking attempts on my side. I did change all passwords, however. Then again, my sites are in such a lethargic activity level than I’d rather like to see some action going on — even from hackers.
I wish I could have some handy web hosting recommendations but if my previous experience is any indication, all of them have a weak side to exploit. The 100% bulletproof web host seems more illusion than reality. I’ve been with Interland, (mt) and some other “lesser” hosts — and all of them sucked at tech support, security breaches, or both.
I’ll be however interested to see what other worthy hosting recommendations you get for consideration.
by beto on June 7, 2007 at 1:52 am. #
Man that sucks. I’m sure, since they are so popular they have a big taget on their backs. I’d like to know if this has ever happened to some of the other large hosting companies (MT for example).
I just moved to Dreamhost
, but I have not noticed any changes to my pages. What exactly is a “SEO links/inframes” so I can look for that? *crosses fingers*
Sorry, no suggestions for a new host. But, I asked for some suggestions on 9rules; looks like thieir site’s down now, I’ll get you the link.
by Mike on June 7, 2007 at 8:09 am. #
I’ve been very happy with Media Temple though I’ve only been with them for 9 months or so. In theory any host could get hacked though, it’s just a matter of the skill and determination of the hacker.
by Ben G. on June 7, 2007 at 11:23 am. #
I really like axishost.com. The owner, Tina, has a great reputation on webhostingtalk.com, and is always very helpful when I have any kind of issue. They’re turning into a large host, but maintaining the small host feel when it comes to personal attention. The only downside is that they don’t have support via the phone, which would be nice.
But they have excellent prices, fast support via tickets, and near flawless uptime. I’d highly recommend you look into them.
by Chris Huff on June 7, 2007 at 11:47 am. #
How about Mediatemple?
by Nicolas on June 7, 2007 at 1:22 pm. #
It happened to me too. Twice. But I’ve also heard that this has happened to a number of other web hosting companies before. Thus far, I have been very happy with the service that DreamHost offers and I intend to give them the benefit of the doubt. It seems that their proprietary control panel is partly to blame, and they have taken steps to make sure this does not happen again. Our particular accounts were selected for hacking because of our popularity, so I suppose we should be flattered as well as angry.
Ultimately though, I blame the scumbags who actually did the deed. It is easy to chastise DreamHost for sloppy security, but how many businesses and individuals can claim that their system is 100% impregnable? Somehow, these creatures always find a way through the most draconian of security measures and spread their evil wares.
by Simon Jessey on June 7, 2007 at 2:06 pm. #
I have a hosing company
, http://brainhub.net if you wanna have a look. If you’re looking for something more like a vps system, I recommend my previous host, http://cheapvps.co.uk. 
Of course, ASO are awesome too ^^
by Political Monster on June 7, 2007 at 2:34 pm. #
Mike: Well, up until this point I was pretty much content with their service.
Oh and I meant “iframes”, not inframes. The hackers slipped in an iframe which pointed to a garbled, overseas web site. That and they messed with the .htaccess file with brute force to redirect various links to SEO sites.
Ben , Chris and Nicolas: Thanks for the recommendations. I’m open to them right now and have a list compiled for alternatives when I decide to move to a new home.
These things happen, I understand that, but it’s just a pain in the neck. I’ve been researching new hosts for a few months now so this is just an extra push I suppose.
Simon: You’re certainly more forgiving than I am, and you’ve been hacked twice!
Right on!
by kartooner on June 7, 2007 at 10:12 pm. #
Sorry to hear about that Erik. I’ve been with Lunarpages since 2004, and outside of that one time when they took my site down because I was using my contact form to spam the entire intraweb, they’ve been pretty good.
New CMS? Tell me more.
by Greg on June 8, 2007 at 1:16 am. #
I’ve decided to host with MediaTemple. They appear to be a solid operation and their control panel is a site to behold.
If all goes as planned, I shouldn’t be down for too long, but it all depends on how smooth the process will be.
Thanks again everyone for your thoughts and suggestions.
by kartooner on June 8, 2007 at 3:58 pm. #
The new CMS will more than likely be Textpattern, but I’ve got my eye on Expression Engine as well, so it’ll be a toss up, that’s for sure.
Should I just flip a coin?
by kartooner on June 8, 2007 at 4:00 pm. #
I’d go for Expression Engine. More versatile and a nicer designed system too.
by James AkaXakA on June 10, 2007 at 8:40 am. #
Well, I’ve moved over to MediaTemple but I still need to fix a few things.
by kartooner on June 11, 2007 at 9:34 pm. #
Web Designer, Developer, Flash Desiger, PHP, Graphic Designer
by Rajan on June 14, 2007 at 12:20 pm. #
I’ve been with MediaTemple for a few years now and they’ve never disappointed me. I think you’ll do fine with them.
by Leon on June 22, 2007 at 12:38 pm. #
I heard about this breech. Scary stuff! If it happened to me, I would be in a lot of trouble!!!
Who are you using now? I am using startlogic dot com, but I am looking to move very soon.
by Dui on February 23, 2008 at 3:42 am. #