dblog.aldacron.net is BLACKLISTED Again
Vladimir Panteleev
vladimir at thecybershadow.net
Sun Apr 13 20:13:30 PDT 2014
On Saturday, 12 April 2014 at 09:36:42 UTC, Kagamin wrote:
> On Saturday, 12 April 2014 at 06:38:16 UTC, Andrej Mitrovic
> wrote:
>> Unbelievable. 40$ to delete a file.
>
> Sounds like the virus opposes naive deletion. One should first
> need to find its guard. Well, anyway, such things require
> security specialist, so they cost money.
>
> Mike should delete everything from the current site. Hope that
> will stop further distribution of the virus.
I think the question should be asked, "How did that file got
there?"
Was there a security hole in the blog software?
Was the password guessed, sniffed or stolen?
(There exists Windows malware that steals saved FTP/SCP
passwords...)
Until the security hole is closed for good, the file may reappear
again.
I would suggest looking at the file's modification time, and
checking the HTTP / FTP access logs for suspicious activity
around that time.
More information about the Digitalmars-d-announce
mailing list