{"id":378,"date":"2012-06-22T20:49:50","date_gmt":"2012-06-22T19:49:50","guid":{"rendered":"http:\/\/www.brucewiggins.co.uk\/?p=378"},"modified":"2012-06-22T20:49:50","modified_gmt":"2012-06-22T19:49:50","slug":"website-compromised-20th-22nd-june-2012","status":"publish","type":"post","link":"https:\/\/www.brucewiggins.co.uk\/?p=378","title":{"rendered":"Website Compromised 20th &#8211; 22nd June, 2012"},"content":{"rendered":"<p>I&#8217;m very sorry to report that my website was hacked and was delivering malware between 20th &#8211; 22nd June, 2012. \u00a0Google Chrome picked it up straight away, and my virus checker (MS Security Essentials) cleaned instantly, but if you have visited the site recently, it would be a good idea to clear your browser cache and run a full virus scan. \u00a0The two exploits are reported as being:<\/p>\n<p><a href=\"http:\/\/www.microsoft.com\/security\/portal\/Threat\/Encyclopedia\/Entry.aspx?name=Trojan%3aJS%2fBlacoleRef.BG&amp;threatid=2147657687\" target=\"_blank\">Trojan:JS\/BlacoleRef.BG<\/a><br \/>\n<a href=\"http:\/\/www.microsoft.com\/security\/portal\/Threat\/Encyclopedia\/Entry.aspx?name=Exploit%3aJava%2fCVE-2012-0507.AV&amp;threatid=2147656667\" target=\"_blank\">Exploit:Java\/CVE-2012-0507.AV<\/a><\/p>\n<p>Looking at more details of the CVE exploit, it seems that it could have been targeting Macs, but I can&#8217;t be sure. \u00a0For example, see <a href=\"http:\/\/community.websense.com\/blogs\/securitylabs\/archive\/2012\/04\/16\/is-the-cve-2012-0507-the-best-toolkit-to-exploit-mac-os-x.aspx\" target=\"_blank\">this link<\/a>, while the BlacoleRef is targetted at Windows (see <a href=\"http:\/\/www.zimbio.com\/Latest+Computer+Threats\/articles\/_eaQcm0pMPx\/Got+Infected+Trojan+js+blacoleref+v+Step+step\" target=\"_blank\">this link<\/a> for a different variant of the same trojan).<\/p>\n<p>If your OS patches and anti-virus are up to date, then there shouldn&#8217;t be a problem, but please check to be sure.<\/p>\n<p>After discussing the issue with my web host, we think we have identified how the exploit happened, and fixed the issue (my first attempt at cleaning the virus worked, but the site got reinfected soon after&#8230;.it&#8217;s all clean now). \u00a0 The free<a href=\"http:\/\/sitecheck.sucuri.net\/scanner\/\" target=\"_blank\"> Securi Sitecheck<\/a> website scanning tool was invaluable in this task, and for this free service, I thank you!<\/p>\n<p>Sorry about this if it&#8217;s caused you any issues&#8230;.normal service should now resume!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I&#8217;m very sorry to report that my website was hacked and was delivering malware between 20th &#8211; 22nd June, 2012. \u00a0Google Chrome picked it up straight away, and my virus checker (MS Security Essentials) cleaned instantly, but if you have visited the site recently, it would be a good idea to clear your browser cache &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.brucewiggins.co.uk\/?p=378\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Website Compromised 20th &#8211; 22nd June, 2012&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[12],"tags":[],"class_list":["post-378","post","type-post","status-publish","format-standard","hentry","category-web-development"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p2iYFT-66","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":389,"url":"https:\/\/www.brucewiggins.co.uk\/?p=389","url_meta":{"origin":378,"position":0},"title":"Website Hacking Update","author":"Bruce Wiggins","date":"July 4th,  2012","format":false,"excerpt":"It's taken some time, but as I'm getting a few hits on my website from people searching for information on the malware that was inserted onto my website, I thought I'd make what we've found out so far public. As mentioned already, the malware most obviously installed on the website\u2026","rel":"","context":"In &quot;Web Development&quot;","block_context":{"text":"Web Development","link":"https:\/\/www.brucewiggins.co.uk\/?cat=12"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":66,"url":"https:\/\/www.brucewiggins.co.uk\/?p=66","url_meta":{"origin":378,"position":1},"title":"Ambisonic Music Creation Grou.ps Site","author":"Bruce Wiggins","date":"July 14th,  2010","format":false,"excerpt":"This year I created a Ning networking site to support a 2nd year assignment in the module Computer Music Systems on our Music & Media Technology courses.\u00a0 The idea was to create a persistent site that was accessible by more than just one course\/module at the University of Derby, and\u2026","rel":"","context":"In &quot;Ambisonics&quot;","block_context":{"text":"Ambisonics","link":"https:\/\/www.brucewiggins.co.uk\/?cat=3"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":570,"url":"https:\/\/www.brucewiggins.co.uk\/?p=570","url_meta":{"origin":378,"position":2},"title":"Rosetta Surround Performance Binaural Stream &#8211; 7.30pm 7th June","author":"Bruce Wiggins","date":"June 4th,  2014","format":false,"excerpt":"The surround sound Rosetta performance by Sigma 7 (at Derby Theatre, 7.30pm 7th June) will be streamed live with Binaural Audio (wear headphones for 3D audio) at http:\/\/sigma7rosetta.co.uk\/ . \u00a0Multi-channel Videos will also be available after the show, and they'll also be a Sound on Sound article about the event\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"Sigma7","src":"https:\/\/i0.wp.com\/www.brucewiggins.co.uk\/wp-content\/uploads\/2014\/06\/Sigma7-300x168.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":549,"url":"https:\/\/www.brucewiggins.co.uk\/?p=549","url_meta":{"origin":378,"position":3},"title":"Rosetta &#8211; Sigma 7 Surround Show 7th June 2014","author":"Bruce Wiggins","date":"May 13th,  2014","format":false,"excerpt":"John Crossley, programme leader for the MA in Music Production (at University of Derby) is putting together a not-to-be missed sound audio-visual experience during the BIG SHOW on June 7th at the Derby Theatre. \u2018Rosetta\u2019 is an original music suite inspired by the Europeans Space Agency\u2019s \u2018Comet Chaser\u2019 satellite as\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"Rosetta Surround Flyer","src":"https:\/\/i0.wp.com\/www.brucewiggins.co.uk\/wp-content\/uploads\/2014\/05\/BnDaNykCUAIGfuN-300x212.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":545,"url":"https:\/\/www.brucewiggins.co.uk\/?p=545","url_meta":{"origin":378,"position":4},"title":"Sounds in Space 2014 &#8211; 30th June","author":"Bruce Wiggins","date":"May 7th,  2014","format":false,"excerpt":"Our yearly Sounds in Space symposium is shaping up to be a great event. \u00a0We have a talk from the BBC's Chris Pike confirmed as the keynote (on object-based broadcasting with examples played over our 20 speaker 3D rig) and further talks on subjects such as surround bone conduction audio,\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"Sounds In Space Poster 2014","src":"https:\/\/i0.wp.com\/www.brucewiggins.co.uk\/wp-content\/uploads\/2014\/04\/Sounds-In-Space-Poster-2014-211x300.png?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":311,"url":"https:\/\/www.brucewiggins.co.uk\/?p=311","url_meta":{"origin":378,"position":5},"title":"8 Channel Files and HTML5","author":"Bruce Wiggins","date":"March 23rd,  2012","format":false,"excerpt":"This is a simple 8 channel test file with Microsoft Anna reporting speakers to you.... Ogg Vorbis : Looks like your browser does not support HTML 5. AAC : Looks like your browser does not support HTML 5. WAVE : Looks like your browser does not support HTML 5.","rel":"","context":"In &quot;Web Development&quot;","block_context":{"text":"Web Development","link":"https:\/\/www.brucewiggins.co.uk\/?cat=12"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/378","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=378"}],"version-history":[{"count":1,"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/378\/revisions"}],"predecessor-version":[{"id":379,"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/378\/revisions\/379"}],"wp:attachment":[{"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=378"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=378"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.brucewiggins.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=378"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}