Recovered from hacking!

News and announcements from the Okamisan. Board members can also post news and announcements here!
User avatar
Okamisan
Site Admin
Posts: 140
Joined: Sun Dec 04, 2011 3:01 am

Recovered from hacking!

Postby Okamisan » Thu Mar 01, 2012 12:35 am

The Teahouse, and a number of other sites who share the same server, were the victims of a hacking incident recently. :pullhair: In the wee hours of Tuesday Feb. 21, someone broke into the server and dumped some bad code into all the .php files. The main thing users will have noticed is that the sites were frequently inaccessible. You may have also been redirected to a stack of porn sites -- if this happened to you, please accept the Okamisan's most humble and embarrassed apologies! :oops: :baghead:

I do not think there would have been any malware transferred to users, but you would be well advised to change your passwords for this and any other of the sites which live on that server, and make sure your virus scanners are updated and recently run.

The Okamisan discovered the damage late on Friday Feb. 24, and spent through the end of the day Monday the 27th getting things cleaned up. The Teahouse and other sites on that server are now clean!

Thank you for your patience during this time. The Okamisan is sending the Daleks :dalek: :dalek: :dalek: and the Narn Bat Squad after those responsible. Whoever they are. :ninja: :ninja: :ninja:
If you've got eyes to rhythmatize / Bring your flat hat and your ax / 'Cause tonight at ten / We'll be working again / At the teahouse on the tracks
--Donald Fagen, "Teahouse on the Tracks," from the album Kamakiriad
User avatar
Okamisan
Site Admin
Posts: 140
Joined: Sun Dec 04, 2011 3:01 am

Re: Recovered from hacking!

Postby Okamisan » Thu Mar 15, 2012 9:58 pm

The good news -- we do appear to be well and truly free of the hacker taint. This time.

Not long after I sent the previous message, the Teahouse was again infected! It appears that while I cleaned up the damage the first time, I had not discovered the actual source of the malware, the "payload," as it's known. I triggered the hidden program and saw it spew its garbage all over the files, all over again!! :duh: :pullhair:

Fortunately, with Joe's help on savvy web searching, I located several programs and shell scripts which were able to both clean up the mess and locate the hidden program and get rid of it -- hopefully once and for all.

I'm keeping better backups now of both the web files and databases, and have done my best to tighten up security and make sure this doesn't happen again.

Thank you all for bearing with me.
If you've got eyes to rhythmatize / Bring your flat hat and your ax / 'Cause tonight at ten / We'll be working again / At the teahouse on the tracks
--Donald Fagen, "Teahouse on the Tracks," from the album Kamakiriad

Return to “Leave Your Shoes Here”

Who is online

Users browsing this forum: No registered users and 1 guest