
Cymons Games

In case you were wondering what happened with Cymon’s Games down-time, here’s the story.

Loyal reader epicoder tweets me one morning to tell me my site’s been hacked. He’s getting a virus warning when he hits my form page. So I check my site and… suddenly I’m being told that my hard drive is failing and I need to register my hard drive scanner to fix it. Only it’s not my hard drive scanner that’s telling me this. It’s malware. And it’s a nasty one. Somehow logging on to my site downloaded a piece of software to my computer and MSE didn’t catch it before it delivered its payload. So I get on the other computer to fix my site. Fortunately Avast did catch the malware before it could infect my system (Avast 1, Microsoft 0) and I managed to clean the eval insertion from the front page of cymonsgames and the forums.

Meanwhile, cleaning this malware off my computer turned out to be… tricky. Nigh impossible in fact. In the end I had to reformat and re-install my system. This thing means business. So when it came back again and again… well for the safety of my 3 readers I decided just to shut the site down for a while. Apparently not upgrading my WordPress installation was a bad idea. So I upgraded WordPress, changed some passwords, and left things offline for a while so that hopefully any undetected scripts will fail enough that they’d stop trying. That appears to have done the trick and now we’re back.

The downtime has truly given me pause for thought. There have been things that I’ve been wanting to do with this site for a long time. For one I want it to be user driven, meaning anyone can submit their own programs and I don’t have to be the only one updating. I’d like to open it up to Python and Java as well as flags for programs that run on a Raspberry Pi. But that’s not something I’m skilled at writing. Sure, I could figure it out, but I’d rather hire someone who can get it right the first time. But that will take money. So I’m thinking of a Kickstarter. The hard part is coming up with rewards. I may have to use my 3D printer to manufacture decoder rings and the like, tho I don’t want to get bogged down mailing out physicals. What do you think? If I were to start a Kickstarter to raise the funds to make Cymon’s Games what it can be, what should I offer as tiered rewards?

6 Responses to “Post Mortem of “the attack””

  1. epicoder

    I use Avast as well, it hasn’t let anything by yet. Though I’m surprised that MSE didn’t catch it; I’ve heard it’s quite good. As for reward tiers on Kickstarter… I can’t come up with anything better than the obvious credit/link on the side. Maybe a special title or rank image on the forums?

    A couple problems with your links there. One links to TGadget with a bunch of get parameters that just leads back to their front page. The other links to cymonsgames.com/post-mortem…/www.avast.com/.

    On a somewhat funny side note, I’m now getting AV ads in the Google ads on this site.


  2. Joe

    Thanks for the heads up on the links. And the initial heads up.

    The plot thickens! I’ve been receiving e-mails to my personal address from a Russian company who says that they’ve noticed my site got hacked with malware and that they’ll protect me from it in the future… hold on. The malware attack redirected to Russia. I’m a victim of a RUSSIAN PROTECTION RACKET!


  3. Ratfink

    Solution to the RUSSIAN PROTECTION RACKET! (sorry, I had to write it that way, it just looks so much more exciting) scheme is to run Linux on your server. No virus or antivirus problems at all.

    Also, epicoder, that’s a nice Dave you’ve got there.

    Also, someone should make a game called RUSSIAN PROTECTION RACKET!


  4. epicoder

    Someone else who reads Homestuck! :D I thought I was the only one here.
    You’re next, Joe. In the end, everyone will read Homestuck. ALL THE PEOPLE. All of them.

    I think this server does run Linux. I’d be very surprised if it didn’t as it’s running Apache. I think he got infected because he was behind a version or two on both WordPress and SMF, so some script found him and exploited one of those.


  5. Joe

    Never heard of Homestuck, I’ll look into it. (EDIT: I take it back, I have heard of it. And I don’t really have time to get into it. If I did I wouldn’t be able to make a cool website.)

    Epicoder is 100% correct. This website is running Linux. The attack did come through old versions of WordPress and SMF and is what is called a “code injection attack”. Now if you were running Linux on your home machine the attack would have been ineffective against you but it didn’t save a thing on the site itself.


  6. Ratfink

    Oh, I see. I misunderstood where the virus was. I thought the virus was installed on the server as well as sending it to innocent viewers. I gotcha.



Cymons Games. All programs provided without guarantee or warranty. Maintained by Joseph Larson.
If you have any questions or notice something is wrong please contact me. Powered by WordPress.