‘Tis a productive morning!

So far today, I have created a new brochure for one of our distributors, found and fixed a very subtle and deeply-buried PHP bug in a commercial video sharing software package that a friend of mine bought, and discovered a massive Russian Business Network attack on the ISP softlayer.com in which thousands of Web sites hosted by them and their downstream customers have been compromised.

I also had a very tasty quesadilla for lunch. And it’s not even 1:00 yet.

Tonight, I think I’ll write some pr0n, track down another RBN hack attack I may have sniffed out against sites running phpBB, and try to level my warrior’s blacksmithing skill in World of Warcraft. Maybe I’ll document the security breach at Softlayer as well. Looks like a zero-day exploit against cPanel.

20 thoughts on “‘Tis a productive morning!”

  1. I didn’t even wake up until 1 PM!

    Of course, I went to bed at 4 AM after having been awake 23 hours and getting only 4 hours of sleep each night for the past week 😀

    • It looks like a very similar style of attack, the difference being that this particular attack appears to be focused on one particular ISP rather than spread out all over.

      I’ve seen speculation that the initial attack worked by infecting people’s home PCs with a garden-variety virus, which looked for popular FTP programs, read their favorites lists if it found them, then sent the FTP information back to the originators of the attack. That way the folks responsible for the attack could gain access to the victims’ Web sites, which explained why there was no pattern in software, Web hosts, or server platform of the infected sites.

      This attack looks to be identical, but there’s a pattern to the Web sites being hijacked, which suggests the possibility they were compromised in a different way. A common thread through all of this seems to be the use of cPanel on the affected Web hosts.

  4. Beginning to wonder if you’re enough of a bother to be rubbed out yet.

    Know what I mean? I mean, if Hillary Clinton can have a man (men?) rubbed out and still be a presidential candidate a few years later, I think that the Russian mafia can eliminate you without fear. This country is too damn ignorant and lazy to do a damn thing about it, much less care.

    But for what it’s worth, I’m really impressed (again) by your leet talents.

    • Well, I think there’s some nontrivial effort and expense in having someone rubbed out from another country…and when it comes to annoying the Russian Business Network, there are plenty of people in line ahead of me.

      Knock on wood.

    • I’m all over the place. I have several high-level Horde-side characters and one level 60 Alliance-side character on Medivh, a couple of high level Alliance-side characters on Eonar (including my raiding character, a 70 mage), a Horde-side raiding character (70 warrior) on Windrunner, and low-level Horde and Alliance characters on Medivh, Earthen Ring, Doomhammer, Shandris, and Feathermoon.
