{"id":11998,"date":"2013-12-11T09:41:37","date_gmt":"2013-12-11T19:41:37","guid":{"rendered":"http:\/\/www.debito.org\/?p=11998"},"modified":"2013-12-11T09:41:37","modified_gmt":"2013-12-11T19:41:37","slug":"blog-biz-debito-org-hacked-down-for-nearly-two-weeks-now-back-up","status":"publish","type":"post","link":"https:\/\/www.debito.org\/?p=11998","title":{"rendered":"BLOG BIZ: Debito.org hacked, down for nearly two weeks, now back up"},"content":{"rendered":"

eBooks, Books, and more from ARUDOU Debito (click on icon):
\n\"Guidebookcover.jpg\"<\/a>\"japaneseonlyebookcovertext\"<\/a>\"Handbook<\/a>\"\"<\/a>\"\u300c\u30b8\u30e3\u30d1\u30cb\u30fc\u30ba\u30fb\u30aa\u30f3\u30ea\u30fc\u3000\u5c0f\u6a3d\u5165\u6d74\u62d2\u5426\u554f\u984c\u3068\u4eba\u7a2e\u5dee\u5225\u300d\uff08\u660e\u77f3\u66f8\u5e97\uff09\"<\/a>\"sourstrawberriesavatar\"<\/a>\"debitopodcastthumb\"<\/a>\"\"<\/a>
\nUPDATES ON TWITTER: arudoudebito
\nDEBITO.ORG PODCASTS on iTunes, subscribe free
\n“LIKE” US on Facebook at http:\/\/www.facebook.com\/debitoorg<\/a>
\nhttp:\/\/www.facebook.com\/handbookimmigrants<\/a>
\nhttps:\/\/www.facebook.com\/JapaneseOnlyTheBook<\/a>
\nhttps:\/\/www.facebook.com\/BookInAppropriate<\/a><\/p>\n

Hi Blog. It’s good to be back after nearly two weeks of being down after being hacked. Just a brief paragraph recap of what happened for those who are interested:<\/p>\n

On November 29, I tried to log in but found that my password wouldn’t work. I got in touch with my provider but they were slow in answering, and after being bounced between a couple of helpful and unhelpful techies, I got signed up for a cleaning-out service. This took some time, as Debito.org after nearly two decades of service has accumulated around 16 GBs of data. But once that was cleaned out, I still had trouble logging in. So I had to manually update themes and change passwords here and there, only to find out that the only password that would now work to avail me of this dashboard was the old one (I’ve now gotten in and changed it officially via the blog dashboard). So here we are, back, as of this morning, ready to resume discussion.<\/p>\n

Meanwhile, the question remains, who hacked Debito.org and why?<\/strong> Several techies wrote to me saying that WordPress is particularly vulnerable to hacks and spiders that implant viruses with delayed infection times. I don’t doubt that, but hours after Debito.org was taken offline, I got this weird message:<\/p>\n

======================
\nBegin forwarded message:<\/em><\/strong><\/p>\n

From: <dvib7om+7tzkj4@guerrillamail.com><\/em>
\n Subject: All your base are belong to us<\/em>
\n Date: December 1, 2013 at 7:57:47 PM HST<\/em>
\n To: “debito@debito.org” <debito@debito.org><\/em>
\n Return-Path: <dvib7om+7tzkj4@guerrillamail.com><\/em>
\n X-Original-To: debito@debito.org<\/em>
\n Delivered-To: x9560096@homiemail-mx2.g.dreamhost.com<\/em>
\n Received: from alc-junkmail-backend3.dreamhost.com (caiajhbdcaib.dreamhost.com [208.97.132.81]) by homiemail-mx2.g.dreamhost.com (Postfix) with ESMTP id 43058448606 for <debito@debito.org>; Sun, 1 Dec 2013 21:58:58 -0800 (PST)<\/em>
\n Received: from localhost (localhost [127.0.0.1]) by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id 3F4171616045 for <debito@debito.org>; Sun, 1 Dec 2013 21:58:58 -0800 (PST)<\/em>
\n Received: from connor.dreamhost.com ([208.97.132.205]) by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104]) (amavisd-new, port 10024) with ESMTP id Nbkua-ThjKXQ for <debito@debito.org>; Sun, 1 Dec 2013 21:58:58 -0800 (PST)<\/em>
\n Received: from guerrillamail.com (mail.guerrillamail.com [198.143.169.10]) by connor.dreamhost.com (Postfix) with ESMTP id AB6042CA800C for <debito@debito.org>; Sun, 1 Dec 2013 21:58:57 -0800 (PST)<\/em>
\n Received: by 198.143.169.10 with HTTP; Mon, 02 Dec 2013 05:57:47 +0000<\/em>
\n X-Dh-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com<\/em>
\n X-Spam-Flag: NO<\/em>
\n X-Spam-Score: -1.039<\/em>
\n X-Spam-Status: No, score=-1.039 tagged_above=-999 required=999 tests=[RP_MATCHES_RCVD=-1.049, T_DKIM_INVALID=0.01]<\/em>
\n Mime-Version: 1.0<\/em>
\n Message-Id: <159d7d8b8dd29e053ac7484078bb82ca2248@guerrillamail.com><\/em>
\n X-Originating-Ip: [185.2.28.159]<\/em>
\n Content-Type: text\/plain; charset=”utf-8″<\/em>
\n Content-Transfer-Encoding: quoted-printable<\/em>
\n X-Domain-Signer: PHP mailDomainSigner 0.2-20110415 <http:\/\/code.google.com\/p\/php-mail-domain-signer\/><\/em>
\n Dkim-Signature: v=1; a=rsa-sha1; s=better; d=guerrillamail.com; l=255; t=1385963871; c=relaxed\/relaxed; h=to:from:subject; bh=ouvuUWJpwETjUDkcfcPvQDw0gQM=; b=EjFrOzxmAT\/eOU2HuLhFdm1C3vIFrookRLn+491+dkq3Y4K6XnkVbqScxTuQsQoM<\/em><\/p>\n

you were taken down and you will be taken down again until you learn how not to be a hypocrite<\/strong><\/p>\n

—-
\nSent using GuerrillMail.com<\/em>
\n Block or report abuse: https:\/\/www.guerrillamail.com\/abuse\/?a=RUR2DBkPY7AQigeg%2FzAQYBM%3D<\/em>
\n======================<\/p>\n

In response, we’ve signed up for a program offering constant security scans and cleaning, and although that increases maintenance costs, we’ve gotten donations (and lots of free advice, thanks for both!) from very kind people out there. Much obliged!<\/p>\n

If you like what you see and want to keep Debito.org up and hack-free, please consider contributing a little something by Paypal:<\/p>\n


\n
\n
\n\"\"<\/form>\n

Anyway, we’re back. Let the discussion resume! Thanks for reading and contributing! Arudou Debito<\/p>\n","protected":false},"excerpt":{"rendered":"

It’s good to be back after nearly two weeks of being down after being hacked. Just a brief paragraph recap of what happened for those who are interested:<\/p>\n

On November 29, I tried to log in but found that my password wouldn’t work. I got in touch with my provider but they were slow in answering, and after being bounced between a couple of helpful and unhelpful techies, I got signed up for a cleaning-out service. This took some time, as Debito.org after nearly two decades of service has accumulated around 16 GBs of data. But once that was cleaned out, I still had trouble logging in. So I had to manually update themes and change passwords here and there, only to find out that the only password that would now work to avail me of this dashboard was the old one (I’ve now gotten in and changed it officially via the blog dashboard). So here we are, back, as of this morning, ready to resume discussion.<\/p>\n

Meanwhile, the question remains, who hacked Debito.org and why? Several techies wrote to me saying that Wordpress is particularly vulnerable to hacks and spiders that implant viruses with delayed infection times. I don’t doubt that, but hours after Debito.org was taken offline, I got this weird message (see full blog post):<\/p>\n

In response, we’ve signed up for a program offering constant security scans and cleaning, and although that increases maintenance costs, we’ve gotten donations (and lots of free advice, thanks for both!) from very kind people out there. Much obliged.<\/p>\n

If you like what you see and want to keep Debito.org up and hack-free, please consider contributing a little something by Paypal (click here).<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24],"tags":[],"class_list":["post-11998","post","type-post","status-publish","format-standard","hentry","category-debitoorg-website-updates"],"_links":{"self":[{"href":"https:\/\/www.debito.org\/index.php?rest_route=\/wp\/v2\/posts\/11998","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.debito.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.debito.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.debito.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.debito.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11998"}],"version-history":[{"count":0,"href":"https:\/\/www.debito.org\/index.php?rest_route=\/wp\/v2\/posts\/11998\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.debito.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11998"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.debito.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11998"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.debito.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11998"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}