While the use of a website traffic statistics tool such as statcounter is primarily to record details of traffic that pass through your site as a basis of gauging your site performance, it comes out quite handy in some specific circumstances such as detecting the presence of and tracing the footprints of a computer system hacker.
I happened to have fallen prey to one recently and but for my statcounter records, it may have escaped my attention for quite sometime.
Actually, i think i made myself susceptible to the hacker.
Before i go into further details as a guide for you to prevent such occurrences, let me quickly show you a screen shot of the hacker’s footprints as revealed by my Statcounter records.
The footprints of the hacker shows his access into my hard drive (C Directory) and subsequent access to my website (http://www.homebiz-supermarket.com), encircled in red.
From the statcounter records, the hacker’s IP address is 188.8.131.52 and IP name is Mediacom Communications Corporation. The hacker name may be Steve since that is the name he used on my system and he is apparently based in Des Moines, Iowa, United States.
I had actually first noticed the incursion some weeks back but unfortunately did not pay much attention to it then and did not take a snapshot of that which i would have shown you. That particular shot would have shown his more extensive access into my site, over a lengthy period of time.
What did the hacker do on my site?
From the footprints through the statcounter statistics, i could see that the hacker proceeded to install a micro summary script on my blog and he has made it a duty to visit my computer system occasionally in pursuit of his agenda.
How could the hacker have gained access to my site?
That is where i said above that i actually inadvertently facilitated his entry onto my computer system, through remote access.
A possible suspect is a present or past staff of Symantec(Norton). About a year ago, while still using Norton Antivirus, i sought the assistance of their team via a live support chat to solve a problem on my system relating to the antivirus. They told me they needed to access my system and so i should enable “remote access” which i did. Eventually, they were unable to solve the problem and i must have subsequently forgotten to disable remote access. Perhaps the staff checked back and saw that my remote access was still on or it was a completely different person who identified that my remote access was on, who began to capitalize on this lapse.
What steps have i now taken to dislodge the hacker from my system?
Actually, i was so mad that i instituted an internal company case against the staff of Symantec(Norton) but later withdrew the case.
I have also removed the micro summary file the hacker stored on my C drive but have not yet been able to identify how to remove the script he has lodged on my blog. I am not a geek and my knowledge relating to computers has been acquired through self-training, experience and some read-ups.
In case you know how i should go about removing this script lodged on my system, please let me know in the comments.
I have also since disabled remote access as an exception to my enabled windows firewall and entered a password so that any attempted user will have to enter a password before he gains access to my computer system.
From this experience, i also advice that you always have “firewall” enabled, though this was enabled in mine then, while you constantly review the list of exemptions to your windows firewall.
You have no choice than to allow some exceptions as for example i have exempted Onlywire submitter to enable me do my social media submissions.
**** If you enjoyed reading this post, be sure to fill out this form to receive notification via e-mail once any new blog post is published. You will be able to see the post title and if it piques your interest, you can simply click over to my blog.
You can leave a comment below, picking up one or two dofollow backlinks in the process, as the case may be, since this blog is dofollow and has keywordluv and commentluv plugins enabled.
Do not forget to share this post with your friends and followers. Remember sharing is caring! ****