I would rather be robbed. Dealing with a hack means finding the vulnerability that led to the intrusion, plugging it, finding out what other malicious materials were left by the intruders on all sites on that server, painstakingly cleaning up the mess (which has been cleverly hidden away) and moving hosts or servers. It costs so much time.
The vulnerability was in the URLs of the buy buttons generated by DAP, the membership plugin I was using. I immediately contacted DAP. They were aware of this vulnerability and were working on a new shopping cart that would cost $400. I paid the $400 and anxiously awaited the shopping cart update.
They deduced that the hacker was able to upload a malicious file that was then used to create and/or upload other files, one being a shell script that granted access to the cPanel account as a whole, which in turn led to other compromises.
Various back-ups and other files with old versions of WordPress were found on site roots. Back-ups should be stored elsewhere on the server. Otherwise they can be extremely helpful to an attacker and further open the door to phishing and social engineering attacks.
The most shocking revelation came from another of my sites, buildmybrand.net, which was a suite of tools that resized and edited images for social media sites. Multiple PHP backdoors (shells) were found in the web directory, allowing attackers to execute arbitrary commands on the server. Some of the shells indicated automated attacks by multiple attackers.
Thanks for sharing this, Rob.
I use some .htaccess rules to protect my wp-admin. I also use plugins like Sucuri etc.
What do you think about Restrict Content Pro and Paid Memberships Pro as membership solutions?
I guess the worst part for you was finding out that it had gone on for such a long time. I see that the DAP vulnerability was highlighted in 2014. It might be a good idea to subscribe to some security blogs.
It is so sad that we live in a time that we have to be watching over our shoulders. But I do appreciate that you took the time to provide this experience. So Rob, sorry for what happened to you, but all the best!!!
WordPress is the most vulnerable platform due to its plugins. Most of the time a developed site is hacked because wordpress.org does not think that it is necessary to review the code written by contributors who are not so experienced.
Ok so I understand that you are using Teachable for selling your video courses but are you using any other non-wordpress membership platform for other purposes; OR what would you recommend for membership platform now if needed?
A broadcast signal intrusion is the hijacking of broadcast signals of radio, television stations, cable television broadcast feeds or satellite signals without permission or licence. Hijacking incidents have involved local TV and radio stations as well as cable and national networks.
Although television, cable, and satellite broadcast signal intrusions tend to receive more media coverage, radio station intrusions are more frequent, as many simply rebroadcast a signal received from another radio station. All that is required is an FM transmitter that can overpower the same frequency as the station being rebroadcast (limited by the inverse-square law). Other methods that have been used in North America to intrude on legal broadcasts include using a directional antenna to overpower the uplink frequency of a broadcast relay station, breaking into the transmitter area and splicing audio directly into the feed, and cyberattacks on internet-connected broadcasting equipment.[1]
As a cable television operator connects itself in the signal path between individual stations and the system's subscribers, broadcasters have fallen victim to signal tampering on cable systems on multiple occasions.
On November 26, 1977, an audio message, purporting to come from outer space and conveyed by an individual named 'Vrillon' of the 'Ashtar Galactic Command', was broadcast during an ITN news bulletin on Southern Television in the United Kingdom. The intrusion did not entirely affect the video signal but replaced the program audio with a six-minute speech about the destiny of the human race and a disaster to affect "your world and the beings on other worlds around you". The IBA confirmed that it was the first time such a transmission had been made.
At 12:32 a.m. Eastern Time on April 27, 1986, HBO (Home Box Office) had its satellite signal feed from its operations center on Long Island in Hauppauge, New York interrupted by a man calling himself "Captain Midnight". The interruption occurred during a presentation of The Falcon and the Snowman. The intrusion lasted between 4 and 5 minutes and was seen by viewers along the East Coast. The man, who during the interruption also threatened to hijack the signals of Showtime and The Movie Channel, was later caught and identified as John R. MacDougall of Ocala, Florida. He was prosecuted shortly thereafter. Authorities were tipped off by a man from Wisconsin in a phone booth at a rest area of Interstate 75 in Gainesville, Florida. The man filing the report said that he overheard MacDougall bragging about the incident.
MacDougall's guilt was confirmed by an FCC investigation that showed he was alone at Central Florida Teleport at the time of the incident, and a recording of the jamming video showed that the text was created by a character generator at that location. He was charged with transmitting without a radio license in violation of 47 U.S.C. 301. MacDougall pled guilty, was fined $5,000 and served a year of probation. Ambiguity about whether the 47 U.S.C. 301 charge was applicable, since the transmitter had a license, resulted in the passage of 18 U.S.C. 1367, which made satellite jamming a felony.
MacDougall was able to perform the intrusion while working a second job as a master control operator at a satellite teleport in Florida, where he worked to make ends meet due to declining income from his satellite TV equipment business. He stated that he did it because he was frustrated with HBO's service rates and that it was hurting his business selling satellite dishes (hence his second job at the teleport). The message, placed over SMPTE color bars, broadcast by MacDougall read:
On the night of November 22, 1987, an unidentified man wearing a Max Headroom mask appeared on the signals of two television stations in Chicago, Illinois. WGN-TV, owned by Tribune Broadcasting, was hijacked first. The intrusion occurred during the sports report on its 9:00 p.m. newscast and lasted about 25 seconds. Next came PBS affiliate WTTW, where the man was seen and heard uttering garbled remarks before dropping his pants, partially exposing his buttocks, and was then spanked with a flyswatter by a woman wearing a French maid costume before normal programming resumed. This second interception occurred at about 11:00 p.m. during an episode of the Doctor Who serial, "Horror of Fang Rock", and lasted almost 90 seconds. None of the individuals responsible for the intrusion have been identified. This incident got the attention of the CBS Evening News the next day and was talked about nationwide. The HBO incident was also mentioned in the same news report.
A broadcast of the movie "Three Daughters" on the Playboy Channel was disrupted with a text-only religious message on Sunday, September 6, 1987.[2] The message read, "Thus sayeth the Lord thy God: Remember the Sabbath and keep it holy. Repent, the kingdom of Heaven is at hand."[3][4] (from the Bible verses Exodus 20:8 and Matthew 4:17).
Thomas Haynie, an employee of the Christian Broadcasting Network, was convicted of satellite piracy in connection with the incident.[3] Haynie, who pleaded his innocence,[4] was the first person convicted under a new federal law which had made satellite hacking a felony following the Captain Midnight incident.[5]
CBN maintained that the FCC's case was entirely circumstantial since there were no witnesses and the signal could not be traced to a point of origin. During the investigation, experts on both sides attempted to recreate the incident with CBN's equipment. According to CBN spokesman Dino McCann, they were unsuccessful.[7] Furthermore, CBN asserted that there was not enough power for Haynie to jam Playboy's signal[7] but during the trial, government witnesses said the CBN station was capable of interfering with satellite transmissions.[8]
After initially being deadlocked,[2] the jury eventually sided with the prosecution and convicted Haynie on two of six counts. (Haynie was acquitted of similar charges of interfering with the American Exxxtasy channel;[3] a recording of the event was of such poor quality that it was unusable.) Haynie received three years of probation, a $1,000 fine, and 150 hours of community service.[8]
In 1995, the New York City radio station WKCR-FM allegedly suffered a broadcast signal intrusion late at night. The broadcast was interrupted by a high-pitched screeching noise, before a female voice began reciting the obituaries of various people, including those of Frank Oppenheimer, as well as several victims of Pan Am Flight 103. A cassette tape recording of the incident, known as the 'old tape' or 'death tape', surfaced on 4chan in 2013, almost two decades later.[9][10]
On February 11, 2013, Great Falls, Montana, CBS affiliate KRTV had their Emergency Alert System hijacked with an audible message warning viewers that "the bodies of the dead are rising from their graves and attacking the living."[11][12] Later the same night in Marquette, Michigan, and the early morning hours in La Crosse, Wisconsin, the same type of hijacking and reference to a "zombie invasion" was made over the EAS systems of CBS affiliate WKBT-DT, ABC affiliate WBUP and PBS member station WNMU during primetime programming.[13][14] Shortly afterward, PBS affiliate KENW of Portales, New Mexico, was struck with a similar hacking incident, repeating similar information regarding zombies;[15] however, this led to the arrest of the hacker of the four television stations.[16]