?

Log in

entries friends calendar profile CheriePie.com older entries older entries newer entries newer entries
Phishing Bastards! - The ramblings of a Sexy Geek Chick
elektric
elektric
Phishing Bastards!
No, I'm NOT responsible for the eBay and Wachovia Bank phishing schemes on my site.  It would appear that someone hacked my gallery and was able to place these files there.  I've removed them, but I'm not sure if I've blocked the exploit completely without further research.  Right now, the writable directories are gone so I hope that means the phishing pages are gone too and aren't gonna turn up in another directory somewhere.

Unfortunately, I didn't realize when I set this site up that it would be a constant struggle to stay on top of all the security issues that crop up for exploits.  Especially since I customized the code of my gallery, I can't just drop patches in without significant modification. 

So for the time being, the gallery's offline.  I'll have to see if I can find backups of the pictures.  But it's not top priority at the moment as I've got too many other things to deal with back here on the home front.  It's really aggravating having these hackers take advantage of an exploit somewhere against lil ole me, just trying to mind my own business and post my pictures on the web to share with friends and family.  Attack the big guys, who can afford full time security people to monitor their network.  I have enough of a time staying up on security with my own local network, and now I have to deal with remote exploits on my web server located down in Florida too?  *sigh*

So to all the messages I've been getting, thank you for the kind ones that are just letting me know.  And to the others comments, that assume this is of my doing and proceed to insult me, well... you can just stick it where the sun don't shine!!

PS - It's possible the spam is still going around even if the directories aren't there anymore, so if you find a current directory that's still hosting one of the scams, please reply to this and let me know.  Matter of fact, I just found that they somehow got into my images directory as well, whereas before I thought it was just my gallery directories...

Tags: ,
I'm feeling: aggravated aggravated

2 comments
Comments
From: (Anonymous) Date: July 15th, 2007 07:23 pm (UTC) (perma-link)

Yep, still have links active...

I'm afraid I received an email on 14 July with the following link to a fake eBay login page:

http://cherie-n-mike.com//images/%20/indirect/Sign%20In.htm

This is actually the result of a redirect from another site referenced in the email (peaksislandmaine.com) whom I will contact separately.

The sub-directory off of /images is named as a space (%20), so you may not see it when you list the contents of /images. Depending on what you use to list and manage the files you may not be able to see it at all, or you _may_ be able to see it by placing the space in quotes or preceeding it with a backslash (same key as the pipe (|) symbol). As a geek chick this may all make sense to you without any explanation.

I'm an experienced Unix and Linux admin. I'd be glad to lend a hand if you wish in cleaning up the filesystem and flushing out any exploits. As to updating customized code...depending on the exploit being used there may be other ways to secure the site, or if not you may just have to bite the bullet and rethink the resolution.

So, holler if you want any help. I am most easily reached as scotharkins on Gmail.



Ciao!
Scot Harkins
Greenbank, WA
(Replies frozen) (Thread)
From: (Anonymous) Date: October 9th, 2007 11:59 am (UTC) (perma-link)

It's fine. I had a question.

Hey there. I have a question. I noticed you also review books and all. Well I'm writing a story. Getting very long already. And I was wondering if you would like to review it.

I hope I'm not being too forward, and if I am, please forgive me.

You can find the story on nimja.com/frozen-youth
(Replies frozen) (Thread)
2 comments