Dec2007 11

Gone Phishin'

Posted In Official |

{mosimage}This morning I was woken up around 6am not by my boss, but GoDaddy. It seems that one of my domains, PBDB.net - Australia's Premier Paintball Database site, was being used in a phishing scam.



After rubbing the crust from my eyes and looking at the email GoDaddy had sent me, I determined that the phishers / hackers / script kiddies had used an exploit in Joomla, the content management system I'm using for PBDB. I was a version behind, because when I last tried to update it, Joomla suffered from the same problems as other CMS's suffer - poor upgradeability and hence was in version-limbo.



Anyway, back to this morning. Whilst GoDaddy were in my ear about shutting my site down permanently, I told them I had deleted the offending directory, which pleased them and GoDaddy then wished me to have a nice day. As if.



There are lessons to be learnt here. 1) Keep your software up to date OR 2) Get better software, which means I should spend more time working on Depot.



blog comments powered by Disqus