Kissed by the Devil

cRu$ty's calling cardFirst the Iranians, now an Algerian. A gent (or maybe a gal – one shouldn’t be sexist about this) who goes by the name of cRu$ty paid me a visit and placed a picture of a skull with a very fetching blue rose, together with the above motto, where my home page should be.

Have these guys got nothing better to do than give me free training in website security?

The Iranians, for example, woke me up to file permissions. 777? 644? Who cares? All the same to me, except that the only way I can edit my templates from within my blog’s theme-editor panel is to have the permissions set at 777. So obviously the permissions were set at 777.

Not any more.

As I diagnosed what the Iranians had done, I also learned a bit about how WordPress functions and templates fit together. So calling up a category archive invokes index.php? News to me. I’m not sure where you find out what templates the different functions call up. Anyway, my friendly Iranians had hacked the wrong template file if they wanted to do the maximum damage. The front page still loaded fine.

I’m not sure whether cRu$ty and my Iranian friends are in league. They certainly hunt in packs: I thought I’d google him to see who else had been hacked: a visit to a couple of the sites returned a message from the Iranian hackers rather than cRu$ty’s skull. I also spotted that many of the sites have uk domain names. Maybe it’s my webhost who’s being targeted.

This is borne out by a message lower down Mr cRu$ty’s page: it contains a strange bit of franglais.

United Kingdom heberger *Hacked*. Let as feeling Peace & Love or I will f***ing hack all the UK hebergers.

Another quick google suggests that heberger is French for webhost. So we have been warned. But I always feel Peace & Love! I’m a very peaceful and loving person.

As for what cRu$ty did, well, I can see what he did because I’ve fixed it. What I don’t know is how he did it. I’m hoping my heberger can tell me that.

Any bets as to the nationality of the next LKL hacker?

Thanks, by the way, to David, Beccy and Alice for emailing and expressing their concern.

2 thoughts on “Kissed by the Devil

  1. I’m wondering why an army of Korean cyber-counter-terrorists haven’t leaped to my defense. Too busy attacking Japanese Takeshima sites no doubt.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.