Comments on: September/October Content Gone Forever

By: unbegrenztes frei spiel

unbegrenztes frei spiel — Thu, 15 Nov 2007 14:25:32 +0000

cash loan payday…

Vor realisitisches kasino unbegrenztes frei spiel…

By: Jeremy

Jeremy — Wed, 24 Oct 2007 02:00:08 +0000

Now that I think about it, they didn’t hack Justin’s computer, they hacked his blog’s host site, so that company would have to contact the Internet Crime Complaint Center.

The ICCC isn’t likely to do anything about your blog being hacked but if it occurs repeatedly they might. I don’t know, I’m not a network guru but I did stay at a Holiday Inn last night.

By: Jeremy

Jeremy — Tue, 23 Oct 2007 22:47:01 +0000

Justin, did you contact your ISP about this incident? I would, and I would also mention that this has happened before and you would like it documented.

Concerning the possible viral activity going on at the site, it’s probably not a good idea to openly discuss what viruses/trojans we are encountering, although, it is a little fact the fact now. The person that “hacked” their way into the site in undoubtedly listening and taking notes as to what worked and what didn’t. They will glean any information that is discussed publicly and use that information for the next takeover.

Jimmy, have you updated all of your AV and Maliciousware programs? If so, have you ran a thorough anti-virus scan/malware scan in safe mode? Sometimes viruses and trojans are memory resident and the only way to catch them in in safe mode.

Perhaps it would be wiser to contact Justin via e-mail with any unusual behavior or security breaches, since that communication avenue is private so the “haxors” do not benefit from the pleasure of being LaM3Rs.

By: probligo

probligo — Tue, 23 Oct 2007 17:16:01 +0000

FOr once I am on Jimmy’s side. I posted just before the last crash and again last night that Norton AV was picking up crap from this site.

And believe me I have all of the Windows updates, AdAware, AV in abundance. That is why I get the warning and action from NAV.

It seems to load, at least I have noticed it most frequently, on the add comments page.

By: gerryf

gerryf — Tue, 23 Oct 2007 12:50:54 +0000

probably mcafee

Justin, you may want to see if someone left a little something behind after the hack. â€œJS/Downloader-AUDâ€ is most often seen on websites where a php script attempts to download a trojan onto viewers computers. Since wordpress is php-based, whoever hacked your site might have dropped the download script into your public_html directory somewhere, which is attempting to infect unprotected machines.

Jimmy, you need to update your computer with the various windows updates. the script takes advantage of a known exploit that microsoft patched some time ago

Also, check for a file
C:\Sys{4 random alphabets}.exe in your root

By: Jimmy the Dhimmi

Jimmy the Dhimmi — Tue, 23 Oct 2007 12:49:31 +0000

I’m getting it at my work computer too, but this time it says “JS-PSYME.ANT” I have something called “trend office scan” there, and Macafee at home. I think it has something to do with loading the images at the bottom of this page, because it keeps popping up as they are loading.

By: mw

mw — Tue, 23 Oct 2007 04:53:00 +0000

Jimmy – what firewall are you using?

By: Joshua

Joshua — Tue, 23 Oct 2007 03:25:45 +0000

In a strange way, this incident is kind of flattering. You know your blog’s moving up in the ’sphere when someone figures they can get their proverbial 15 minutes of fame by hacking it.

I’ve not visited/commented here lately as often as I used to (due to time constraints, not the blog quality) so I’ve not noticed much of the loss. In any case though, hang in there – we still love ya. :)

By: Britt Treece

Britt Treece — Tue, 23 Oct 2007 02:55:20 +0000

Google Reader has all the posts from the time period which is missing. I would think you could do an OPML export from GR and import the missing posts into WP. Comments would still be missing, but it’s better than nothing.

By: Dyre42

Dyre42 — Tue, 23 Oct 2007 02:12:04 +0000

I’m getting no such message either.

By: Justin Gardner

Justin Gardner — Tue, 23 Oct 2007 01:30:35 +0000

I’m sorry Jimmy, but I’m not recreating that either. There’s no audio file, and I can’t think of what JD is. If you continue to get it, tell me again and I’ll post about it and see if anybody else is getting it.

By: sadcox

sadcox — Mon, 22 Oct 2007 23:56:02 +0000

Too bad Justin…although I’d read most of it already, but that sucks for you. There was some good stuff there. At least you learned the backup lesson fairly early though. It’s a tough one when it happens.

By: Jeremy

Jeremy — Mon, 22 Oct 2007 23:32:48 +0000

Jimmy, my system is fine–no firewall warnings. Justin, sorry that all your hard work got trashed. I don’t really access the older content so it’s no different for me. Thanks for sticking in there,

By: Jimmy the Dhimmi

Jimmy the Dhimmi — Mon, 22 Oct 2007 22:17:50 +0000

My firewall keeps popping up when I come here about some Trojan file being blocked. Anyone else getting this problem? It says “JS/Downloader-AUD”