Very serious: Babloo/Blyat injection attacks on my site

18 06 2009

Folks,

I’m seeing what looks like a new type of attack on WordPress-powered websites (including this one), regardless of what version of WordPress is being used. You start seeing spam in the footer, “read more” spam links, and so on, usually tagged as “babloO”/“blyat”; most of these addresses seem to resolve in Russia, but some appear elsewhere. The most obvious version of this is spam posts in the RSS feed and redirects from the homepage of this website to a PDF containing JavaScript exploits.

As of this writing (2132UTC, on Thursday, 18 June, 2009), there is no acknowledgement of the issue from WordPress developers, nor any idea how the attack is taking place. While the site is currently showing as clean, if you were redirected to a PDF, or have seen spam posts in your RSS feed, please let me know as soon as you can. If you were redirected to a PDF, please also run a check for viruses and malware on your computer if you are using any version of Adobe Acrobat on any operating system; alternative PDF readers, such as Foxit Reader or Preview.app on Mac OS X, are not believed to be vulnerable, but you are encouraged to run a check anyway, if you were redirected to a PDF.

In the interim, I am disabling as many of the plugins as I can, removing widgets and other possible sources of injection attacks, and disabling the creation of accounts. In addition, if by 1200UTC, tomorrow, Friday, 19 June, there is still no known infection vector, I will revert the theme.

I apologise for any inconvenience caused to you, and ask you to contact me via a comment if you were hit in any way when using this site.



New camera!

13 06 2009

I bought a Canon Powershot SX10 IS for my birthday, and have been experimenting with it a little bit. This is one of the first shots that came out – click to see it in full size.

Gru and Rail

Yay!



In which I eat crow

30 05 2009

Sometime after I attempted to buy Twittix from the Ovi Store and blogged about my poor experience with them, @shbib pinged me on Twitter and suggested that the problem actually lay not with Mojosmobile or Twittix, but rather with Ovi Store. Specifically, it seemed that Ovi Store was sending out the wrong version of Twittix (the demo version) to people who had in fact paid for the whole version. More than slightly incredulous as to how such a thing could happen, I nonetheless did indeed forward my receipt from the Ovi Store to the address suggested and sure enough, 40 minutes later I received a response (on a Saturday, no less!) with the right version attached.

At this point in time, I’m not sure who is at fault: is it Nokia which made a mistake with Ovi Store, or is it Mojosmobile that uploaded the wrong version? What is clear from this event is that a lot more work is needed on Nokia’s part to make the Ovi Store the kind of welcoming, easy to use and universal marketplace that it aspires to be. The steps needed are relatively straightforward, but the time for execution is very short. Let’s see what the new week brings.