Blog Attack

Midday Thursday I received an email from my web host. My site had been taken down by them as a precaution.

Dear Mr. Geoff Fox,

You are receiving today an urgent notice regarding the security of your 1&1 account: Your 1&1 contract has been attacked by criminals.

As a consequence, malicious software (malware) has been installed on your webspace representing a severe threat to the security of your private data and others on the Internet!

IMPORTANT: For your own security and in order to prevent further harm, we have temporarily locked your 1&1 contract.

Right now, our security experts are investigating the attack and the nature of the malware. We will get back to you and unlock your contract, as soon as we received their results.

For the time being, we assume that your 1&1 webspace will be reconnected within the next 12 to 24 hours.

We would appreciate your understanding for the necessity of this measure: Your 1&1 webspace presented an imminent danger for the rights and the property of third parties. Your own data was also exposed to the arbitrary access of the hackers.

Last but not least, you were in danger of being held liable for all criminal actions controlled by the malware. It is after these considerations that we processed the lock.

Thank you in advance for your cooperation. We look forward pursuing our good cooperation.

Best regards

Abuse Team

I have some files to remove and some decisions to make. Because my blog has been up so long (over 10 years) there is undoubtedly some legacy code which might be vulnerable. Because the content and structure of the site are separate I could do a totally fresh install of WordPress, then import the old entries. I’m really not sure.

More on this later.

7 thoughts on “Blog Attack”

  1. 1&1 is a bit of a sad operation. I’d research other opportunities. Even their email didn’t make a whole lot of sense other than “the sky is falling so we shut you down, don’t be mad at us, you could be liable if there was trouble”

    Silly people.

    1. It looks like some of the files 1&1 found were from 2010. My guess is they’ve changed their cleansing technique and found remnants of older stuff that’s already been neutered.

  2. At least they found the malware, even though it has been hanging around for the past 3 yrs. It is getting to the point that technology is not always that great. When you sign on to the internet, you wonder who is going to try & hack into your computer or website?

  3. The message I got was even weirder! It basically told me that “You have no purpose to enter this account!” At first, I thought it was a fluke because I had gone directly from listening to a folk program on WSHU, to the blog. But then I tried again, directly to the site, and got the same message. Hopefully, the blog was already shut down (and it sounds like it was).
    The email you rec’d sounded like it was written by someone out of this country! Hopefully, you will figure this out—10 yrs is a long time to have kept this blog running.
