Skip to main content

Blogs Locked After Detected Account Hacking

One Blogger mystery involves the varying periods of blog unavailability, after hacking activity is detected.
My blog just disappeared from my dashboard - and no, it's not listed under "Deleted blogs"!

When the owner mentions the notice about "suspicious" / "unusual" account activity, or having unlocked the account (by solving a CAPTCHA, receiving a phone message, changing the password) - and is advised to wait "24 to 48 hours" - many ask the obvious.
Is "24 to 48 hours" really accurate?

In reality, the legendary "24 to 48" hour time period is only a ball park figure - and both Blogger / Google, and the blog owner, contribute to the uncertainty.

The well known advice to "Wait 24 to 48 hours", after a Blogger account is locked for suspected hacking activity, is only an estimation of the waiting time, which the owner may have to endure.

Account / Blog integrity verification will, regrettably, take several days.

This is an unavoidable side effect, in account / blog integrity verification.

There are several factors which can contribute to the accuracy of "24 to 48 hours" (which maybe should be stated as "one to two business days").

  • Availability of essential Blogger / Google personnel.
  • Current hacking activity level, and ongoing Blogger / Google workload.
  • Blog content, which complicates hacking payload analysis.

Only the blog owner knows the details of the correct blog content.

We've referenced the first two factors (personnel, and hacking activity level) in the well known Blogger FAQ How long will it take?. The third involves detail which only the blog owner can provide. Many blog owners contribute to this uncertainty, in the development of their blogs.

Hackers add their own blog content - when temporarily undetected.

There are several types of content, which hackers like to add, to blogs temporarily under their control.

  1. Advertising - and similar shiny accessories.
  2. Custom code - and various template tweaks.
  3. Links to other blogs - and to websites outside Google address space.
  4. Team memberships - and multiple blog owners.

All of these features, also added by the owner - and allowed (and encouraged) by Blogger - can require extra effort as a blog is validated, after detected hacking activity.

Security experts have to look for hacker added content - and this takes time.

Blogger / Google security experts, in examining an account / blog, must look for features possibly added by the hacker. Security experts have no immediate knowledge what was added by the owner, long ago - as opposed to by a hacker, more recently.

Any advertising, custom code, external links, or team memberships, intentionally added by the owner, will contribute to time spent validating blog integrity.

  • Leave a setting or tweak added by the hacker - and the blog remains a security risk, when returned to service.
  • Remove a setting or tweak added by a blog owner - and the blog becomes broken, when returned to service.

Neither is desired, by the blog owners - nor by Blogger / Google.

The more custom content, added by the owner, the longer verification takes.
More accessories and tweaks == more time spent by security experts == more time the blog remains offline, while the owner waits in uncertainty.


This uncertainty, added to delayed deletion caused by cache latency, leads to mystery.

All of this brings to mind the old adage.
KISS
Keep it simple, stupid.

Comments

Popular posts from this blog

Custom Domain Migration - Managing The Traffic

Your blog depends upon traffic for its success.

Anything that affects the traffic to your blog, such as any change in the URL, affects the success of your blog. Publishing the blog to a custom domain, like renaming the blog, will affect traffic to your blog. The effects of the change will vary from blog to blog, because of the different traffic to every different blog.Followers. People who find your blog because of recommendations by other people.Search engines. Robotic processes which methodically surf your blog, and provide dynamic indexing to people who search for information.Subscribers. People who read your content from their newsfeed reader, such as the dashboard Reading List.Viewers. People who read your content from their browser.No two blogs are the same - and no two blogs will have the same combinations of traffic sources.

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.