March 25, 2010

Hack Attack

So my site got hacked a couple of hours ago by someone using the email address john@chetkoe.tv. (Its IP is 66.36.229.21). Somehow it made itself an administrator of this blog. However, the bugfucker had not yet done much damage before the plug was pulled on its shenanigans… I think. Right now, I’m just waiting to hear back from anyone who knows shit from shinola about computers.

In other news, James “The Amazing” Randi has come outta the closet at the grand age of 81. The fact that he’s gay is probably not a big surprise for most of his fans, but I find it pretty cool that he even bothered to announce it at this point. His great books, those hilarious sting operations against various scumbags, his magnificent beard, and his tireless promotion of scientific principles have all been a big inspiration.

If you have the time to read a brilliant perspective on suburban teenage life, check out Paul Graham’s terrific essay on Why Nerds Are Unpopular.

The animated GIF at right was stolen from the purely visual Three Frames blog. Its image comes from the classic trash film Class of 1984, an excellent entertainment.

Laughing Hyenas – “Just Can’t Win”

Rick at 4:52 am

Comments (17)

17 CommentsÈ

  1. I just had john@chetkoe.tv register on my site. I thought it strange to get a new user when I don’t have a registration link! Googled the address and got to your site. He didn’t get far enough to become a admin on my site.

    Comment by sean Ñ March 25, 2010 @ 8:58 am

  2. John@chetkoe.tv is probably trying to take advantage of a hack in WordPress from many months ago. That hack has been fixed in a more recent version.

    Comment by Christian Lee Ñ March 25, 2010 @ 12:58 pm

  3. Same script kiddie tried on mine. Post his ip to a global blacklist. Make sure you’re WP version is up to date.

    Comment by Tony hunt Ñ March 25, 2010 @ 7:26 pm

  4. FYI just blacklist the ip.

    http://www.malwaredomainlist.com/mdl.php?search=66.36.229.21&colsearch=All&quantity=50

    only one hit and it’s malicious.

    Comment by Tony hunt Ñ March 25, 2010 @ 7:36 pm

  5. I updated WP and that seemed to remove the fake user accounts, at least long enough to change all my passwords, etc. (He had rigged the “Users” tab to immediately redirect to his spam factory site, so I couldn’t even edit the accounts at all until after doing a clean install of WP.) I use Bannage for a blacklist but it never seems to work on even when I explicitly add bad IPs or email addresses. Never seen evidence that it has blocked anything. Anyway, glad I’m not the only victim. We’ll form a 12-step vigilante group.

    Comment by Rick Ñ March 25, 2010 @ 7:43 pm

  6. This article was fun to read.

    Thanks

    I’m Richard

    Comment by Richard Ñ April 6, 2010 @ 2:36 pm

  7. Hi, Richard!

    Comment by Rick Ñ April 6, 2010 @ 2:41 pm

  8. john@chetkoe.tv registered on my site too but did no damage [I hope].
    I usually check out a new registering user by googling their address and
    I came up with your site so I buggered him away. Thanks.

    gfh

    Comment by gfh Ñ April 15, 2010 @ 7:52 pm

  9. Thanks for posting! He tried the same thing this morning, but I stopped him.

    Comment by TheJP Ñ April 16, 2010 @ 5:23 am

  10. He just registered on my WP install as well. Googled his email, found this site, and just wanted to say thanks for the info!

    Comment by Ryan Ñ April 16, 2010 @ 5:54 am

  11. He tried the same thing on mine awhile ago.

    Comment by Zane Ñ April 17, 2010 @ 12:13 am

  12. He did the same on my blog, but he couldn’t move up in the users rank!!

    To be secure from future attempts, just go to Settings > General.- – If you don’t want users to registed, uncheck the “Anyone can register” box – Change “New User Default Role” & choose subscriber

    Comment by ShantDotMe Ñ April 19, 2010 @ 7:12 am

  13. yes, this bugfucker probably from Russia registerated an account named “Joe”, but yet have not done any damage to my website.

    Comment by Suz Ñ April 19, 2010 @ 8:53 pm

  14. He registered at my Wordpress site – again as jos.
    I am deleting him.

    Ken Weide – Web Guru

    Comment by Ken Weide Ñ April 23, 2010 @ 1:53 am

  15. I had the same User register on my wordpress blog
    http://www.jsbutlerstudio42.com on April 16,2010 at 2:01 am.
    Username jos

    Comment by Jacqueline Butler Ñ November 14, 2010 @ 11:00 am

  16. He just registered on my WP install as well. Googled his email, found this site, and just wanted to say thanks for the info!

    Comment by Melanie Conley Ñ December 24, 2010 @ 12:22 am

  17. Just yesterday I got a member ‘rosebabe’ with rose.198631@yahoo.co.uk
    email.
    Also kind of malicious user. Aware!

    Comment by Andy Show Ñ April 6, 2011 @ 9:04 am

RSS feed for comments on this post.

Leave a comment

Navigate

Archive

Music

Credits

And...


Support Bloggers' Rights!
Support Bloggers' Rights!