Apologies again about the light blogging. It might have something to do with the fact that my computer got infected by a nasty evil demon virus from HELL yesterday, which took me over 6 hours to get rid of completely. This evil monster blocked me from accessing antivirus-related sites, hijacked my Google searches, crippled my AV software so I couldn’t download updates, blocked my attempts to use Regedit (so I could go into the registry), and constantly crashed Firefox. It also corrupted any antivirus software I tried to download. Only by renaming Regedit and figuring out where the virus was getting its cues from in the registry was I finally able to disable it and download the needed software to remove it from the system altogether. Gads.
And that might have been the end of it, except that I’m minding my own business watching a Netflix movie and trying to unwind from all the stress before, when I get an IM from a friend letting me know my blog was down.
Uhhhhhh?
So I surf in and sure enough the only thing left of my blog was a weird PHP error. After doing some quick googling, I found that the error usually occurs when the site has been hacked.
Oh no, oh no no no no no….
I logged in, checked some of my files and noticed right away many of them had been changed only minutes before. Upon opening the PHP files I saw malicious JavaScript code had been injected at the top, explaining why my blog was no longer functioning. Left to itself, once the code was operational it would have spread and potentially infected any subsequent visitor to the site who didn’t have their browsers appropriately shielded (you know, like dumbass me). The irony of it is that the unique setup of my blog prevented the code from working properly, the one saving grace from having so much junk on my blog to begin with.
I contacted support in a panic, and they responded almost immediately, and restored my entire site within a few short minutes. I asked them to investigate and they found FTP logins that were out of the ordinary and didn’t match the IP addresses I normally used. After some investigating of my own, I confirmed it was the same group that infected my PC with a virus before. Evidently the trojan I was infected with had sent them my FTP passwords, and the hackers’ server later used that info to log in and inject my blog with all kinds of malicious crap. Fun times.
My host sent me the FTP logs and from there I was able to determine exactly who the culprit was, a server in Norway that appears to be a clearinghouse for Russian criminal activity. I’m pretty sure what happened to me was all automated, and that I was just one of many victims of what’s become a well organized setup designed to do, what else, make money. The Google searches I tried when I was infected were hijacked and redirected me to spam sites instead. I also discovered 419-type scams coming from the same server as well (including my personal favorite, one from a Russian “single mother” pleading for money so she could feed her starving family, and oh by the way, she’s 30 and a hottie too).
Glad the nightmare’s finally over though (I think). Can I go back to watching my movie now?

Thank goodness for friends ;)
And a great site host…
Glad you are back up and running
I tweet about the conficker worm … you get hit with it … and then you stop following me on twitter. Hmmm. :O Quinkydink? [I keep tryin' to tell people to get a Mac. I'm startin' to think y'all enjoy seeing just how many patches you can download before your hard drive deflates] Glad you recovered. You might try unplugging your computer when you’re not using it.
Love the site design and layout. I read a few of your blog entries. Interesting. Sorry I didn’t discover it until Qwitter tossed your name into my email. I’m a bit slow to check links on Twitter profiles these days. I seem to attract people who are busy trying to sell me a product or a new way to make money.
@Marshwiggle: Thanks “friend”! ;)
@Sandielee: Weird, I hadn’t unfollowed anyone in ages. Qwitter is a dweeb though, it notifies me of unfollows that happened eons ago, and only a small portion gets reported. Twitter is being a ho monkey too. In any event I have fixed this egregious error and refollowed.
Then of course, if Qwitter hadn’t sent you a note, you never would have read my blog, so there.
I am planning to get a MacBook for my next computer, in fact I may dump the desktop altogether and get two laptops (one for backup) for better mobility.
Thanks for the compliment on the layout. I was actually thinking of doing a major redesign because a friendly critic thought it was horrible and she couldn’t tell what my site was about. Made me cry all week.
Just a thought…… Perhaps you continually get hit with bugs or shall we say ‘infected’ is because you’re a dirty internet whore?
Or perhaps because I am so awesome that even the Russians I need to be stopped before my awesomeness takes over the world.