Hackers break into site - which doctor paid them?

by Earl Thurston

07/02/09

A month ago, hackers once again attacked the site. We believe that the hackers are once again working for Dr. Boothe, an eye doctor that performs LASIK in Plano, TX. We immediately fixed the website vulnerability that allowed the hackers access. I did not document it immediately because I wanted to wait and see if the hackers would try anything else and it appears they have stopped. Our corrective actions must have worked.

What did the hackers do?

The hackers uploaded a trojan. The trojan appeared to give them the ability to edit several files on our server. The hackers accessed the site from an IP address in Dallas, TX. Plano, where Dr. Boothe has his business, is a northern suburb of Dallas. The hackers worked from the same area where the Boothe Eye Care and Laser Center is located.

What did the hackers edit in the server files?

The files are what run the website. It's where the code is located, which allows the site to display doctor information to you when you search for it. The hackers made some telling edits to the files. Everything they touched was related to Dr Boothe and no other doctor.

For example, they changed the robots.txt file to disallow the search engines, like Google, from visiting Dr. Boothe's scorecard page. When Google visited DoctorScorecard, it saw the instruction from the hackers telling Google to keep out of Dr. Boothe's scorecard page. As a result, Google no longer shows his scorecard if you search for Dr. Boothe. We found the change and removed the code the hackers put in place, but it was too late. Google has already buried comments written by the public about Dr. Boothe. It's still there, but it's not on the first couple pages of search results any more. So the hackers had some success in hiding what people are saying about Dr. Boothe. All of the information is still here at DoctorScorecard, but Google is no longer showing it to the public in its top results.

What do other search engines show for Dr. Boothe?

When I searched for him on Yahoo today, I clicked on one of the results shown. I was surprised to see that the website about Dr. Boothe was trying to upload a trojan to my computer.

Dr. William Boothe website tries to upload trojan

Luckily, my anti-virus program caught it.

Would you want to trust your health to a doctor that pays hackers to hide what the public says about him?

4 comments

Comment from: kingman [Visitor]

Ah, the power of advertising and reduced service fees. Obviously Dr Boothe needs to do something to continually get victims in the door. The guy is an absolute slimebag! Isn't it funny how the word "Doctor" no longer carries the respect it once did?

07/03/09 @ 21:44

Comment from: Lorna [Visitor]

there is a new search engine
http://www.bing.com and I typed in boothe's name to see what would happen. Not until page 5 does the scorecard come up.

07/10/09 @ 23:15

Comment from: dom [Visitor] · http://www.lasikdecision.com

Disturbing, but not surprised! Boothe's history these past few years (after putting everything together - http://www.lasikdecision.com/index.php?option=com_content&task=view&id=178&Itemid=172) shows that the guy obviously has issues. Definitely one to avoid when considering refractive surgery as there are many in the Dallas area who aren't as controversial as Boothe.

07/13/09 @ 20:33

Comment from: Wanda [Visitor]

OMG- I have never been the type to just believe the things people say about others. I usually like to take it upon myself to investigate on my own and determine then if I believe what has been written. In the case of Dr. William Booth, I am prepared to believe everything written. I took the time to search his name on just about every search engine I could. Let me just tell you some of what I experienced while attempting this.. First i went to Dr. Booth's business website. on the blog tab of his site I tried to view his blog and was shown a blank page. no problem. he has a contact Dr. Booth tab. I clicked on it and tried to leave him a note. when I finished typing my note and clicked submit, I was shocked that the page said error and redirected me to a page that said this folder was password protected. it was actually his host website. Host i can. I was not able to send him a note. I went to citysearch and after numerous trys was finally able to leave a comment about him. the first few trys, my web browser kept getting shut down for some reason, but I kept trying. on many of the search engines if you click his name, you are going to be re-directed to another site, or see a blank page with nothing on it. for instance there is a negative site about him saying that he has fraudulent sales tactics but if you click on it, you are redirected to some site called toseek a ? I am not kidding, this happened over and over as I tried to click on this Dr.'s negative sites. When I did a yahoo search and tried to click on his website for his business, I was redirected to something called world union. OH MY GOD could this really be happening? could a DOCTOR actually be this egotistical that he would go to such extremes? this is unbelievable! Well, I am not the type to just sit and read about something that troubles me and do nothing, of course I left him some words of advise on the site that I was actually able to comment on. (Mycitysearch.com) - If I were a potential patient, I would definately not go to this man. if he is doing what has been said he could be capable of anything and should not be allowed to continue acting as though he is above the law, and untouchable.

10/30/09 @ 05:31

Comment feed for this post