Two nights ago while merrily enjoying some two buck chuck and responding to emails I got an email saying my personal server password reset happened. Strange. And then 5 minutes later I was kicked out of my gmail. Weird. I tried logging back in. Nothing. Fuck. Wtf is going on. Am I hacked? Youp. Shit! Mental note: I have so many things I need to respond to, sensitive info, love letters, death threats and just other things I really want to keep saved.
Shit. I saw that email about my hosting pw reset. I went to my hosting provider and tried to change my pw and start backing up my dbs and files. Okay, whew. Now back to my email problem…
What to do when your gmail is hacked
1- If they have NOT changed your pw, (they changed mine), go to your google account and change your pw to lock them out. Google Accounts login
2- Okay, didn’t work? Try to reset your password at the gmail password reset page. I heard this may take up to 24 hours to respond to. But you want your email now!!!
3- Still out? Go to the gmail recovery form. This is actually how I got my email back. It took around 30 minutes for them to send me email reset.
Unfortunately, they still had the pw to my hosting server and changed every one of my personal websites to the image above. Fuck!
a) At this point please make sure you have a backup email in your google accounts file, this is where they email the password recovery info to. I used a fake email intially to register my gmail, so from now on I have a real backup email in there.
b) Make backups of your dbs and files from your personal servers right now. Saves you the headache, my other sites had files deleted so now I have to go to google search and used cache links to try and save them.
c) On gmail, I created another account and then setup a filter so every single piece of email I receive is forwarded to that account.
d) Have different passwords. I know you know this but I use the same password, ‘hello’ on so many things. Now I don’t.
e) Update wordpress. These guys put in some backdoor files (pol.php,aa.php, etc…they can name them whatever they want) in really hidden folders so they could access my sites anytime they want. Make sure to check for this and delete them if you find them.
I hope this helps and saves you the frustration and anger that I faced. Any other ideas or similar stories?
Want More? Get new articles via email: