Malware attack on Tool Talk

Stephenw

Well-known member
Joined
Dec 21, 2006
Messages
1,911
Location
Utah
Sorry to hear this. I hope you get it fixed soon.

The NSA is building a cyber security center here in Utah. When it is online, they will start monitoring our web browsing and reading all of our email. This will help keep us all safe from these types of attacks in the future.

http://www.ksl.com/?nid=148&sid=8421318

:thumbup:
 

truckdriver

Well-known member
Joined
Nov 12, 2009
Messages
1,209
Location
Miami,OK
Sorry to hear this. I hope you get it fixed soon.

The NSA is building a cyber security center here in Utah. When it is online, they will start monitoring our web browsing and reading all of our email. This will help keep us all safe from these types of attacks in the future.

http://www.ksl.com/?nid=148&sid=8421318

:thumbup:

I don't believe in black helicopters, don't wear a tin foil hat, and think the best part of Alex Jones ran down the crack of his momma's hind end and ended up as a brown stain on the mattress, but you are very naive if you actually believe what you just posted.
 

sumner52000

Well-known member
Joined
May 13, 2010
Messages
1,025
Location
Roxboro, NC
Thanks for the heads up. I just tried to use my link to tool talk in my favorites and it blocked me. Good luck getting it fixed. I really enjoy the site and am amazed at the knowledge of the members.
 

Hiball

Well-known member
Joined
Apr 30, 2009
Messages
14,027
Location
Missery
I'm sure the 2 are unrelated but I spent a good part of the morning changing passwords and getting my paypal card canceled. I receive emails when my card is used and after a long night of railroading I checked my emails and noticed a charge that I didn't initiate. I called paypal and they informed me that my account was on hold account multiple suspicious charges from Dubai and Great Britain. Good time.... Looks like I'll be reformatting my computer when I get home, not sure if it was compromised but I would rather be safe than sorry.
 

kc-steve

Well-known member
Joined
Jun 22, 2010
Messages
4,240
Location
Kansas City
Sorry to hear about it. I've mentioned it on another thread before, but the virus attacks and spyware is getting real bad these days. Anyone that isn't using at LEAST a minimum of a security suite with firewall is taking chances of getting hacked. And be careful where you go on the Internet. Some new security software have lists of known hacker sites and will stop you from going there (proactive).

I wish the laws were enforced and made stricter, . . . like maybe ten years in prison for the first offense. :mad:

I've had to waste too much time defending against that stuff and have lost a lot in replacing hard drives etc. Some are so bad you have no choice but to replace the hard drive because they reproduce themselves if you don't.

Steve
 

route246

Well-known member
Joined
Apr 16, 2007
Messages
816
Location
NorCal
I had my ebay account hacked a few years ago. That was during a hiatus when I never logged in for over 6 months prior. It turned out that multiple accounts (I don't know how many but it was many hundreds or more) got the same hack according to the forum chatter. Ebay never acknowledged it and tried to blame it on me. I don't store passwords and mine was extremely difficult to brute force guess. I think it was an inside job or someone hacked into ebay and got access that way. I suspect your account on paypal may have also been an inside job. I know a few x-ebay/paypal systems administrators and they told me stories you really don't want to hear, all under the Meg Whitman's regime. Basically, someone hacked a bunch of accounts and bulk listed a bunch of stuff, changed the E-Mail contact so I was never notified and sold a whole bunch of stuff on buy-it-now, kept the money and never shipped the goods and trashed my feedback in the process. Although ebay never acknowledged a problem they quickly cleaned up the mess and my account was magically restored to its prior state. That really pissed me off because none of us ever found out what happened. Additionally, all of the forum chatter about this was mysteriously removed, too.

I'm sure the 2 are unrelated but I spent a good part of the morning changing passwords and getting my paypal card canceled. I receive emails when my card is used and after a long night of railroading I checked my emails and noticed a charge that I didn't initiate. I called paypal and they informed me that my account was on hold account multiple suspicious charges from Dubai and Great Britain. Good time.... Looks like I'll be reformatting my computer when I get home, not sure if it was compromised but I would rather be safe than sorry.
 

Zrexxer

Well-known member
Joined
Jan 23, 2007
Messages
5,058
Location
Pflugerville, TX
I wish the laws were enforced and made stricter, . . . like maybe ten years in prison for the first offense. :mad:
Yeah, and once you've tracked down that bottom-rung footsoldier working for a third-world organized crime ring out of an internet cafe in Lagos, Nigeria, guess what... you're still screwed.

It's another country - our laws don't apply.
 

kc-steve

Well-known member
Joined
Jun 22, 2010
Messages
4,240
Location
Kansas City
Yeah, and once you've tracked down that bottom-rung footsoldier working for a third-world organized crime ring out of an internet cafe in Lagos, Nigeria, guess what... you're still screwed.

It's another country - our laws don't apply.

There's not a lot we can do even against murderers running back to Mexico but that doesn't mean give up altogether. There are hackers here too. Throw a few in jail and suddenly things improve, ya know?

Steve
 

route246

Well-known member
Joined
Apr 16, 2007
Messages
816
Location
NorCal
Not many hackers here. Our education system has pretty much collapsed and our teenagers don't have the requisite skills to do this stuff.

Most of them are coming from China and the eastern bloc. I watch this stuff daily. I have a "honeypot" running on my home network DMZ and it is amazing to watch where the attacks come from.

There's not a lot we can do even against murderers running back to Mexico but that doesn't mean give up altogether. There are hackers here too. Throw a few in jail and suddenly things improve, ya know?

Steve
 

clouseau

Well-known member
Joined
Apr 21, 2011
Messages
109
Location
France
Really sorry to hear that, papawswrench.

I only joined your site on the Wednesday and was so disappointed when I tried to go there yesterday morning and couldn't.

I hope the problem gets sorted soon.

Best of luck.
 

kc-steve

Well-known member
Joined
Jun 22, 2010
Messages
4,240
Location
Kansas City
Not many hackers here. Our education system has pretty much collapsed and our teenagers don't have the requisite skills to do this stuff.

Most of them are coming from China and the eastern bloc. I watch this stuff daily. I have a "honeypot" running on my home network DMZ and it is amazing to watch where the attacks come from.

You're probably right about several things. I have the capability of spotting hackers and then blocking their IP# from seeing me or my websites. The few times I needed to do that were against a Saudi and a German. It gets their attention when you are basically saying, "I know who ya are."

But from my experience, the biggest problem is picking up viruses and spyware from specific websites. And it is getting worse.

Steve
 

Stuey

Well-known member
Joined
Jan 8, 2008
Messages
11,034
Location
28m above sea level
I receive many, many emails each day about IPs that are temporarily blocked for too many connections or permanently blocked for unauthorized access attempts.

A simple anti-virus or anti-malware program is important, although spyware is more easily combatted these days than it used to be. I remember having to spend much time cleaning up other people's computers because they clicked on things they shouldn't have and went to commonly infected or malware-distributing sites.
 

HandyManny

Well-known member
Joined
Mar 13, 2009
Messages
2,239
Location
Out West
Sorry to hear this. I hope you get it fixed soon.

The NSA is building a cyber security center here in Utah. When it is online, they will start monitoring our web browsing and reading all of our email. This will help keep us all safe from these types of attacks in the future.

http://www.ksl.com/?nid=148&sid=8421318

:thumbup:

Yeah that's just what we need, the government trying to protect us from ourselves, or at least that's what they want us to think. No thanks!!! Hello we're the US Government and we're here to help you! Yeah right, beware of a statement like that! Ever hear of Sen. Joseph McCarthy???
 

route246

Well-known member
Joined
Apr 16, 2007
Messages
816
Location
NorCal
Picking up infections is very easy to mitigate. If you're using Win then it's real easy. You just keep your machine patched and you run a competent virus scanner like Nod32 or Norton Antivirus. You also stay away from Internet Explorer and run something like Chrome or Firefox and keep it patched. That's all I do and I have never had an infection and I have over 10 systems including laptops and netbooks that are connected all the time. I once let an old machine lapse because I was shutting it down and left it on past the antivirus subscription and it got hacked, but that was my fault.

But, the sad fact of the matter is, most casual users I know do not keep their machines patched and they aren't running any antivirus package. And worse yet, they are running Internet Exploder.

You're probably right about several things. I have the capability of spotting hackers and then blocking their IP# from seeing me or my websites. The few times I needed to do that were against a Saudi and a German. It gets their attention when you are basically saying, "I know who ya are."

But from my experience, the biggest problem is picking up viruses and spyware from specific websites. And it is getting worse.

Steve
 

route246

Well-known member
Joined
Apr 16, 2007
Messages
816
Location
NorCal
That is definitely a solution but the web experience on even the best Linux desktop environments is a little deficient, still.

I make my living designing and troubleshooting large Linux compute farms and I would not really recommend a Linux desktop yet. Even now, I run a Win7Pro with a vncviewer to my shell machine which is headless.

One word Linux.:beer:
 

kc-steve

Well-known member
Joined
Jun 22, 2010
Messages
4,240
Location
Kansas City
Picking up infections is very easy to mitigate. If you're using Win then it's real easy. You just keep your machine patched and you run a competent virus scanner like Nod32 or Norton Antivirus. You also stay away from Internet Explorer and run something like Chrome or Firefox and keep it patched. That's all I do and I have never had an infection and I have over 10 systems including laptops and netbooks that are connected all the time. I once let an old machine lapse because I was shutting it down and left it on past the antivirus subscription and it got hacked, but that was my fault.

But, the sad fact of the matter is, most casual users I know do not keep their machines patched and they aren't running any antivirus package. And worse yet, they are running Internet Exploder.

That's the best advice anyone can give. I do ALL those things and have used the full gamut of anti-virus suites including Webroot which is probably the best there is against spyware, but I still get attacks all the time. Webroot is proactive telling me not to go to known infected websites. But I still usually have to run a full-scan 2 or 3 times a week just to make sure I'm clean before logging into anything -- to be safe. I wouldn't call that "easy."

It seems even your everyday news source is getting loaded up with spyware in their advertisements these days. And many website owners aren't even aware of it because all they do is copy the code and paste it on their site. Just take notice yourself at how many times you might see a Harbor Freight advertisement on sites that aren't even tool related. Then realize the ads are "spying" on your surfing habits.

All you can do is just try to stay safe these days.

Steve
 

dwm

Well-known member
Joined
Aug 28, 2010
Messages
861
Location
Southeast Michigan
There are a number of ways to get back some of the time you spend dealing with Windows security issues. One is to switch operating systems where it makes sense. I've been using some flavor of unix for 20 years for desktops, laptops and servers and I haven't regretted it. Today's choice for the user who doesn't have time to delve into command-line usage would be OS X (Apple), assuming you're fed up enough to make an investment in new hardware. Another alternative is a desktop-oriented linux distribution (ubuntu or the like). I personally prefer OS X for desktops and laptops but have several desktop machines running FreeBSD (including the one I'm typing from right now).

Another option is to run exposed applications under a VM that's snapshotted regularly. At least then when you have a breach, it's limited in scope and can be restored to an earlier point in time with little fuss and you can still get work done while the VM is being restored.

And of course if you're running regular backups, you can restore from backup. The lack of backups is probably the number one thing that causes trouble for most users. I run daily backups (all unattended except for my laptop) because I can't afford to lose more than a day's worth of work.

For the OP's issue... was this on a hosting service? If not, that's a good route if you're not fussy about having complete control over the content. If it was hosted, a good hosting service should be able to restore your site quickly.
 

route246

Well-known member
Joined
Apr 16, 2007
Messages
816
Location
NorCal
You also need to keep your browser patched. I forgot about that one. It's easy, just do 'help:about' or 'help:check of updates' or something like that.

You can use things like adblock add-ins (variations, too) to clean up your browsing windows. Adblock is amazing. Just try it on something like yahoo and see the difference. Amazing.

Win7 has some decent built-in stuff, too.

I also use adaware to scan for things left.

And, this is all from a guy who makes his living deep into Linux and UNIX and a supposed Windows-hater. My colleagues in the open source community call me a traitor. I call myself practical.

That's the best advice anyone can give. I do ALL those things and have used the full gamut of anti-virus suites including Webroot which is probably the best there is against spyware, but I still get attacks all the time. Webroot is proactive telling me not to go to known infected websites. But I still usually have to run a full-scan 2 or 3 times a week just to make sure I'm clean before logging into anything -- to be safe. I wouldn't call that "easy."

It seems even your everyday news source is getting loaded up with spyware in their advertisements these days. And many website owners aren't even aware of it because all they do is copy the code and paste it on their site. Just take notice yourself at how many times you might see a Harbor Freight advertisement on sites that aren't even tool related. Then realize the ads are "spying" on your surfing habits.

All you can do is just try to stay safe these days.

Steve
 

kc-steve

Well-known member
Joined
Jun 22, 2010
Messages
4,240
Location
Kansas City
You also need to keep your browser patched. I forgot about that one. It's easy, just do 'help:about' or 'help:check of updates' or something like that.

You can use things like adblock add-ins (variations, too) to clean up your browsing windows. Adblock is amazing. Just try it on something like yahoo and see the difference. Amazing.

Win7 has some decent built-in stuff, too.

I also use adaware to scan for things left.

And, this is all from a guy who makes his living deep into Linux and UNIX and a supposed Windows-hater. My colleagues in the open source community call me a traitor. I call myself practical.

Same here. . . I would have gone the Linux route years ago but I have too much money invested in Windows related software. I had to use restore on my Win7 just last week. I ended the previous day doing a full-scan then "shut-down when complete." The next day my computer would NOT load Windows, but allowed me to "restore" to an earlier date. Even the current hard drive is less than 3 months old because of similar difficulties. Fortunately, I keep my personal files on a separate drive.

When things like that happen it angers the hell out of me. I really can't imagine how anyone else gets by without at least a security suite.

Steve
 

Stuey

Well-known member
Joined
Jan 8, 2008
Messages
11,034
Location
28m above sea level
Same here. . . I would have gone the Linux route years ago but I have too much money invested in Windows related software. I had to use restore on my Win7 just last week. I ended the previous day doing a full-scan then "shut-down when complete." The next day my computer would NOT load Windows, but allowed me to "restore" to an earlier date. Even the current hard drive is less than 3 months old because of similar difficulties. Fortunately, I keep my personal files on a separate drive.

When things like that happen it angers the hell out of me. I really can't imagine how anyone else gets by without at least a security suite.

Steve
That is highly abnormal. Any average computer just cannot be "hacked" or infected with a virus or malware if it is just left idle without an anti-virus or internet security program active.

At work I got by without an anti-virus program for years until a virus was transferred to my computer via a thumb-drive because someone thoroughly infected a shared equipment control computer.

*knock on wood* I do run anti-virus these days, but haven't had any alerts or quarantined files in months, and I'm online a LOT. Every so often google will block access to a compromised site, or my browser or AV program will issue a warning, but I don't recall when this happened last.

Regarding personalized advertisements, it bugs me too, but there are ways to block and opt-out of these programs.
 

lbgradwell

Well-known member
Joined
Mar 21, 2007
Messages
4,707
Location
Oakville, ON
The news is very bad; it currently seems all the forum posts have been lost! I hope this does not prove to be accurate and all that historical reference material can somehow be recovered.

I've been a member there since 2005 or 2006 and it is one of my favourite sites.
 

Bull

Super Moderator
Joined
Dec 12, 2005
Messages
16,189
Location
MA
The news is very bad; it currently seems all the forum posts have been lost! I hope this does not prove to be accurate and all that historical reference material can somehow be recovered.

I've been a member there since 2005 or 2006 and it is one of my favourite sites.

I also hope this is not true. The site is information-rich, drama-free, and run by a gentleman.
 

lbgradwell

Well-known member
Joined
Mar 21, 2007
Messages
4,707
Location
Oakville, ON
Maybe there was a backup somewhere, either saved by Papaw or his web host.

Not by Papaw and he is not aware of a backup with the host.

If you know any tricks, Stuey, I am sure he would be very happy to hear from you (or any others, for that matter)...
 

kc-steve

Well-known member
Joined
Jun 22, 2010
Messages
4,240
Location
Kansas City
That is highly abnormal. Any average computer just cannot be "hacked" or infected with a virus or malware if it is just left idle without an anti-virus or internet security program active.

At work I got by without an anti-virus program for years until a virus was transferred to my computer via a thumb-drive because someone thoroughly infected a shared equipment control computer.

*knock on wood* I do run anti-virus these days, but haven't had any alerts or quarantined files in months, and I'm online a LOT. Every so often google will block access to a compromised site, or my browser or AV program will issue a warning, but I don't recall when this happened last.

Regarding personalized advertisements, it bugs me too, but there are ways to block and opt-out of these programs.

I think you misunderstood from my attempt to skip several usual points. I had been surfing the Internet and obviously picked up a NASTY virus or spyware. When the virus scan resulted in a find, then a quarantine, it likely yanked an important part of the Win7 program along with it. The Win7 allowed me to go to an earlier date when things worked fine.

It is quite normal for me to quarantine anywhere from 3 to 44 viruses and spyware files during EACH FULL virus scan. It also happens occasionally that I don't find any. But I think where most of it comes from is advertisements located on websites. And I am not sure just "blocking" an advertisement is going to keep your hard drive safe. That's sort of like covering your eyes to make sure you don't get murdered, ya know? Just because you didn't see it doesn't mean your HD isn't infected. Same goes for anti-virus programs, ignorance is bliss I guess, but I sure don't want to find out my HD is compromised when I get a large bill from PayPal, hacked website, or something similar.

Steve
 

kc-steve

Well-known member
Joined
Jun 22, 2010
Messages
4,240
Location
Kansas City
Maybe there was a backup somewhere, either saved by Papaw or his web host.

Actually, the web designer/host should be able to use the control panel to recreate the website from an earlier time if it is backed up. Mine are all backed up daily, weekly, and monthly. I would just pick the latest time the site worked fine then restore it. Maybe even go back a little further to make sure any possibility of the "hack" was not present.

In a worst-case scenario, you can rebuild the website then use the OLD DATA BASE files to recreate the previous information on the new website.

Steve
 

Arne73

Well-known member
Joined
Mar 20, 2010
Messages
1,477
I also hope this is not true. The site is information-rich, drama-free, and run by a gentleman.

+1 Bull, Great site, I enjoy the info and courteous tone on the forums.
Good luck, Papawswrench!
 

Stuey

Well-known member
Joined
Jan 8, 2008
Messages
11,034
Location
28m above sea level
I think you misunderstood from my attempt to skip several usual points. I had been surfing the Internet and obviously picked up a NASTY virus or spyware. When the virus scan resulted in a find, then a quarantine, it likely yanked an important part of the Win7 program along with it. The Win7 allowed me to go to an earlier date when things worked fine.

It is quite normal for me to quarantine anywhere from 3 to 44 viruses and spyware files during EACH FULL virus scan. It also happens occasionally that I don't find any. But I think where most of it comes from is advertisements located on websites. And I am not sure just "blocking" an advertisement is going to keep your hard drive safe. That's sort of like covering your eyes to make sure you don't get murdered, ya know? Just because you didn't see it doesn't mean your HD isn't infected. Same goes for anti-virus programs, ignorance is bliss I guess, but I sure don't want to find out my HD is compromised when I get a large bill from PayPal, hacked website, or something similar.

Steve

Ah, okay, I got it now.

But I still don't quite see the correlation between ad networks that use tracking cookies and infected hard drives that lead to hacked PayPal accounts.

Just because google's ad network follows which sites you visit and which ads are best (most profitable) for them to serve up to you, doesn't mean they can access anything on your computer, let alone PayPal passwords.

Opting-out of the program means that those google tracking cookies won't be saved on your computer.

Actually, the web designer/host should be able to use the control panel to recreate the website from an earlier time if it is backed up. Mine are all backed up daily, weekly, and monthly. I would just pick the latest time the site worked fine then restore it. Maybe even go back a little further to make sure any possibility of the "hack" was not present.

In a worst-case scenario, you can rebuild the website then use the OLD DATA BASE files to recreate the previous information on the new website.

Steve
Yep, that's what I meant. If forum software is anything like blogging software, as long as the database tables are intact or retrievable, there shouldn't be too much data permanently lost.
 
OP

Papawswrench

Well-known member
Joined
Nov 8, 2005
Messages
113
Location
Alvin , Texas
Papawswrench.com is currently being restored. It was hosted by Dreamhost from the beginning and had very few issues with the hosting. Now it seems the malware attacks came through them, but they won't accept any responsibility. Their support has been minimal on this, so I have switched hosting services. Papawswrench will be back soon, but Tool Talk will take a bit longer and will be on a different forum software. Since the php files were infected, they are lost. Most old threads, pictures, member lists, etc. are lost, it will be just like starting over.
I started Papawswrench in 2005 and Tool Talk in 2006, so a lot of years of work are gone forever, but I will not be discouraged!


ARAMP1- PM me with the name of the owner of that ratchet, and if I can, I will contact him and get you guys together.
 

Bull

Super Moderator
Joined
Dec 12, 2005
Messages
16,189
Location
MA
Papaw, that is disheartening. What about the fellows in here who said that recovery should be possible? Are you sure so much has been lost forever?
 