If you visited my blog on March 21, 2019, between the hours of 1:00 PM EST US and 6 PM EST, you were probably treated to an unpleasant surprise. When clicking on blog posts, users were redirected to 3rd party websites which contained… well, let’s just say that they did not contain any SharePoint tips and tricks.
It became apparent right away that my site has been hacked. What then transpired was a thorough investigation with my hosting provider to determine the root cause. When I initially reported the issue, they did not know, but over the course of several hours, similar issues have been reported by others.
The culprit turned out to be a 3rd party plugin called “Social Warfare” that I use on my website to make it easier for visitors to share my posts on social media. To be exact, this plugin fell victim to a zero-day vulnerability that allowed an attacker to inject malicious code. It took me five hours from the time the issue was first reported till the time it took to address the issue (by disabling the plugin). The developer has also acknowledged the issue and issued a fix.
Unfortunately, it is not uncommon for websites to be hacked or be down these days, but when your blog is a trusted resource for thousands of loyal blog followers on a daily basis, it is a different ballgame.
I take full responsibility for this issue and apologize to my loyal blog followers and site visitors for the inconvenience it has caused
What will change
Though I go through very rigorous testing when I make code or plugin updates to my website, this one has slipped through, due to its nature. The vulnerability could not be detected using the standard testing that I do (which primarily focuses on making sure the update does not break the site).
Going forward, I plan to work with my website developer to reduce dependability on 3rd party plugins (I think I should stay OOTB as much as possible, just like I preach with SharePoint to all of you :-) ). I will also make changes to the way I do testing and updates to my website, to assure that incidents like this never happen again.
How I found out about the issue
What was the most heartwarming part of all this during what turned out to be a very hectic and stressful day for me is how I found about the issue. I usually work from home office and happen to go to my site 20 times a day as I look up my own tips and tricks and share them with my clients and those seeking SharePoint advice. But I happened to be on a family vacation that week. As I was biting into my burger while sitting in a bar in sunny St. Petersburg, Florida, my phone started going off with emails and Twitter messages. These turned out to be my loyal blog followers emailing me about the issue and offering messages of support and assistance. While the next several hours turned out to be the most stressful part of my vacation, it was quite pleasing to realize how many loyal blog followers I have.
Thank you, my loyal blog followers, for understanding and patience!