When all this is sorted out (and safe), I recommend some Beveled Guilt clicks - this can't be cheap/easy...
Malware Update, Again
So: we found backdoor shells and various files infected with eval() and unescape() items that turned into the nasty iframes. We decided the best thing to do was throw it all away and start from scratch.
We've changed all the passwords every twenty seconds to various strings of unintelligible gibberish. We've thrown away every bit of code from the old site and re-downloaded fresh, current items. We've scanned incessantly for injection vulnerabilities without finding any. I scanned my laptop with three different AV programs. We updated every bit of software to be the latest and greatest. The server is now in full Dwarf Fortress mode. This time I think we killed it, but these things require constant vigilance and only time will tell.
In the process we broke some things—say hello to yet another ugly, not very functional version of the board!—but right now we're just trying to get online. If/when this proves stable we'll start restoring the stuff that was broken. Cross your fingers.
Brian Cook FTW. Suck it Malware....
Anyone else experiencing the same problem?
But I can't create a new thread to discuss my opinion about what Fritz Crisler would have thought about Antonio Poole's commitment!
Also, Doc Saturday is doing his annual defense of the recruiting gurus. Today's installment was pretty interesting. Teams with better recruiting rankings in the Big 6 conferences won a collective 66% of the time--despite sub-par (based on recruit rankings) seasons from Texas, Michigan, Georgia, and Notre Dame. Notre Dame isn't uncommon, but if the other three win their average number of games over the past decade, the percentage would jump significantly.
Is this some hack attack from a jealous osu fan, or something?
purdue is pissed re: their erstwhile qb. could be them. (first snake oil, now hokus pokus)
can we get some theorists out there?
can we shut down some rival sites just to feel a little better?
this wasn't just a random event. they are out to get us.
(check behind the grassy knoll.)
I'm inclined to believe that Al Qaeda in conjunction with Danny Hope and Drew Sharp is somehow responsible...
well the original title of the malware started with osu. so i was lead to believe it started in columbus but I have found where it really orginated. It came from the campus of WVU. I'm amazed as everyone else here but the further i looked into it the clearer it became. they have been slowly planting iframes into the code of the greatest michigan website ever to get back at michigan for stealing RR and beilein. the sad thing about it is that it took over 3 years to work and RR is already gone. This tricky hill jacks down there apperently know how screw with computers. conspiracy theory number #3
This can only mean one thing:
We need an all volunteer army of al Geeka jihadists.
Kill their web sites.
Rape their blogs!
Hack up their tweets and Face Book pages.
this will not stand.
(nothing quite as sweet as revenge)
Guess those CE degrees proved valuable.
Hope you get it straightened out in a hurry./
Dwarf Fortress mode? So the whole server is going to be wiped out brutally by a swarm of rats or a posessed one-armed old woman?
The whole server will be driven out of cyberspace by Durin's Bane: A Balrog, a demon from the ancient world.
I don't understand a word you just said but I'm glad you do.
I thought it was my fault for the lousy post I had about Bush/Woodson. I figured so many people were trying to neg it at once that it broke the MGoIntertubes.
I'm very fortunate that nobody has the vote app right now.
its like 2006/2007 all over again.
Since the board isn't super useful right now, I'm going to suggest everyone take a few minutes to follow @LeakTweet on twitter and get some recently released music. Tons of albums available for download. I'm working my way through the new Talib Kweli album, "Gutter Rainbows."
It would make me feel young again.
I plus 1ed you in my heart. Not the same as replying with a clever fake username, I know.
This sort of thing never happens with Blogger, I just have to believe.
please tell me my mgopoints weren't erased! I've spent so long posting witty remarks, funny gifs, and saying whatever the masses wanted to hear that I couldn't bare going through that again...
Can't start a thread but just saw this on SI.com
What the retro?
It reminds me surfing for porn through the Newsgroups on Netscape back in the late 90's.
Netscape? Did that come on CDs like AOL?
The internet has porn? I'm still buying dirty mags from 7/11...
My anti-virus still does not want me opening forum topics on the right side. I get the red box warning every time. I might try Firefox and see if that helps.
It was like this when I first joined. memories....
I'm on a Mac running OSX 10.5.8 using FF 3.6.13.
Have any Mac users out there experienced an actual infection that they've had to remedy because of this?
I have not seen any indication of actual malware (OSX 10.5.x, chrome)
No -- from the descriptions online, it has a group of .exe files as its core, which won't run on a Mac.
I'm not sure about the situation if you have Fusion or Parallels running Windows in the background with no barriers or protection -- I suppose it could somehow find its way onto the virtual machine and infect that (the Mac side would still be fine).
"Constant Vigilance" - Mad Eye Moody
I'm just glad the gosh darn thing works (sorta). After the day I've had, if the site hadn't come up, I'd have gone out to club a baby seal.
I have to use IE to get here, but darn it, I think it was worth the effort.
I expect this is the bad side of webblogging for a living. Good to know that a Michigan technical education is still serving you well.
but it works now- Mac/Safari
Hello old friend (MGoBlog).
I've missed you.
Malware is the worst, just the worst.
Thanks for hanging in there and bring MGblog back to life. I need my daily obsession with all things Michigan!
It's still acting up for me on the forum topics.
Although i was able to post a reply to the main page posts, there are still 2 techinical difficulties I am experiencing with the MGoBoard. 1) I am unable to start a new topic. I have the required points to do so but not seeing the option on the top left of the board. 2) I also noticed that on the MGoBoard posts, when I try to post a reply there is no box for the comment part, there is just a box for the subject. Any way this can be resolved? Thanks!
Malware is awful, but this timing is awfully suspicious...
DB goes retro by hiring Hoke, mgoblog goes retro with its look...I'm just sayin...coincidence?
Let's get the "DB-MALWARE-ATTACK-TO-FORCE-PRE-RR-LAYOUT-ZOMG-QUICK-TO-THE-FLIGHT-TRACKER!!!" conspiracies rollin.