Yesterday, I took down the festival.edgeryders.eu website because it had become infected by a worm and was sending thousands of spam e-mails Nothing else on the server was affected or compromised though, as all sites are isolated from one another.
The website was based on WordPress and (I think) was made by @owen. I saved the earliest backup of the site that the server had, and it seems that was before the infection (but that would have to be checked more thoroughly, or even better we’d start from a development version that Owen has around if we want to develop the next festival’s site on the basis of this one …).
I’m interested in all types of malware, and potentially the spam emails that were sent. Particularly if they are of the recent sextortion scam kind.
If you have some of the files, and they’re not private, I’m always interested in new samples of malware/methods of compromise. I use that information to help others protect themselves, by running a MISP server.
If you can share, or if you want more information about how to use MISP to protect communities from hacking/privacy invasion stuff, let me know.
Oh shoot… it was iffy for some months now but I send it to people often as a reference of LOTEs and community events. I think it is very useful to save and have it up somewhere… if that is possible.
If not we’ll have to live withhout it…
If you want it to keep being available, you’d have to get Owen to send me his latest clean version from his computer. But even then, I’d install it behind password protection, so you’d have to share a password together with the link. (That’s because the site would be prone to malware infection again if nobody cares to install security updates regularly. Which is why I am against these single-purpose websites normally: usually nobody cares for maintenance when they are no longer needed.)
Also, installing it again takes maybe an hour. So maybe let’s better wait until we have the next website for an upcoming conference …
I hear you… Okay, when we will work for the next one we will also install it, because there will be budgeted time. In the meantime @Owen can you send Matt the latest version you had of the site, for future usability?
Thanks!
Hey @noemi, @matthias - I didn’t develop this, it was Olga’s and it used some sort of page builder (Divi, or Elementor) so I don’t have all the files on my computer - only the header template where I inserted the navigation menu. I will salvage what I can of the content and see if it can be resurrected.
Nothing else on the server was affected or compromised though, as all sites are isolated from one another.