Feb 26 2022

Gootloader infection cleaned up

Dear blog owner and visitors,

This blog had been infected to serve up Gootloader malware to Google search victims, via a common tactic known as SEO (Search Engine Optimization) poisoning. Your blog was serving up 305 malicious pages. Your blog served up malware to 0 visitors.

I tried my best to clean up the infection, but I would do the following:

  • Upgrade WordPress to the latest version (one way the attackers might have gained access to your server)
  • Upgrade all WordPress themes to the latest versions (another way the attackers might have gained access to your server)
  • Upgrade all WordPress plugins (another way the attackers might have gained access to your server), and remove any unnecessary plugins.
  • Verify all users are valid (in case the attackers left a backup account, to get back in)
  • Change all passwords (for WordPress accounts, FTP, SSH, database, etc.) and keys. This is probably how the attackers got in, as they are known to brute force weak passwords
  • Run antivirus scans on your server
  • Block these IPs (5.8.18.7 and 89.238.176.151), either in your firewall, .htaccess file, or in your /etc/hosts file, as these are the attackers' command and control servers, which send malicious commands for your blog to execute
  • Check cronjobs (both server and WordPress), aka scheduled tasks. This is a common method that an attacker will use to get back in. If you are not sure what this is, Google it
  • Consider wiping the server completely, as you do not know how deep the infection is. If you decide not to, I recommend installing some security plugins for WordPress, to try and scan for any remaining malicious files. Integrity Checker, WordPress Core Integrity Checker, Sucuri Security, and Wordfence Security all do some level of detection, but not 100% guaranteed
  • Go through the process for Google to recrawl your site, to remove the malicious links (to see what malicious pages there were, go to Google and search site:your_site.com agreement)
  • Check subdomains, to see if they were infected as well
  • Check file permissions

Gootloader (previously Gootkit) malware has been around since 2014, and is used to initially infect a system, and then sell that access off to other attackers, who then usually deploy additional malware, to include ransomware and banking trojans. By cleaning up your blog, it will make a dent in how they infect victims. PLEASE try to keep it up-to-date and secure, so this does not happen again.

Sincerely,

The Internet Janitor

Below are some links to research/further explanation on Gootloader:

https://news.sophos.com/en-us/2021/03/01/gootloader-expands-its-payload-delivery-options/

https://news.sophos.com/en-us/2021/08/12/gootloaders-mothership-controls-malicious-content/

https://www.richinfante.com/2020/04/12/reverse-engineering-dolly-wordpress-malware

https://blog.sucuri.net/2018/12/clever-seo-spam-injection.html

This message
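A read-only triage sketch for three items on the checklist above (files that mention the two listed IPs, world-writable files, and an .htaccess block), added here as an example and not part of the original notice. The function names and the Apache 2.4 `Require` syntax are assumptions; the two addresses are the ones the notice lists.

```shell
#!/bin/sh
# Added example: read-only triage of a WordPress document root.
# The two addresses are the command-and-control IPs named in the notice.
C2_IPS='5.8.18.7 89.238.176.151'

# List files under $1 that contain either address as a literal string.
# -F treats the dots literally; -w stops 89.238.176.151 from matching
# inside 189.238.176.151. An encoded or obfuscated payload will not
# show up here, so an empty result is not proof of a clean tree.
find_c2_refs() {
    root=$1
    set --
    for ip in $C2_IPS; do
        set -- "$@" -e "$ip"
    done
    grep -rlFw "$@" -- "$root" 2>/dev/null | sort
}

# List regular files under $1 that any local user can write to.
find_world_writable() {
    find "$1" -type f -perm -0002 2>/dev/null | sort
}

# Print an .htaccess fragment (Apache 2.4 syntax, assumed) that
# refuses requests from the listed addresses.
htaccess_block() {
    printf '<RequireAll>\n'
    printf '    Require all granted\n'
    for ip in $C2_IPS; do
        printf '    Require not ip %s\n' "$ip"
    done
    printf '</RequireAll>\n'
}

# Usage (the path is a placeholder for your own document root):
#   find_c2_refs /path/to/wordpress
#   find_world_writable /path/to/wordpress
#   htaccess_block
```

Review the fragment printed by `htaccess_block` before adding it to the site's .htaccess, and treat any file reported by `find_c2_refs` as a candidate for manual inspection rather than automatic deletion.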


Dec 27 2010

Lotto numbers

The next mega millions jackpot numbers will be 10 21 25 31 44 with the mega number 38.

We will win and put this money to good use promoting positive energy throughout the universe by cultivating it here on earth.


Sep 4 2010

Positive manifestations

Make me happy and whole again
And let love flow without end
Live in love with no pain
Calm the voices in my brain

I hope my peers reward my tears
Remove my inadequacy fears
Praise my work through the years
Giving me more emmys and cheers!


Sep 1 2010

wicked thoughts

give me the cold sweat of hot love
quench my fear of stagnation with someone I can’t trust
let me drink the blood of young romance,
only to spit out the tired corpse of rancid lust

let me penetrate incorruptible beauty
let me watch it wither and die
let the world fall apart around me
while I am left wondering why.


Jun 30 2010

cry for help

someone please help me – my brain is trying to kill me.
It keeps feeding horrible suggestions down my throat and the voice of reason normally left to quiet such intentions is noticeably silent during these proceedings. Content to spiral down but conscious enough to analyze the errors of my ways, I continue knowing no good can come but unable to care.


Jun 28 2010

Lonely

Say you don’t want me, and I walk away.
I love you too much to hurt you anyway.

But don’t think for a minute that what I did was out of loneliness.
Maybe I’ve done too much in a foolish quest to impress,
But I wasn’t just trying to get in your dress,
I’ve never stopped loving you I confess.

Maybe you’ve felt lonely, and I’ve been too.
but that doesn’t make me do what I do.
I’m lonely ‘cuz I’m holding out for you.

I didn’t want you to tell me no before I could say my side
but I knew it when I came by, you would run to hide

You said we didn’t work, maybe I was a jerk.
We broke up because I couldn’t grow up
Now I’ve changed – no longer deranged.
I just want a chance at another dance.
I don’t just want another fling.
I want someone to give a ring.

I don’t want you because I’m lonely.
I’m lonely because I want you.


Jun 23 2010

Sometimes

Sometimes I wish I was smarter,
Sometimes I wish I learned quicker,
Sometimes I wish my soul could barter.
Sometimes I wish my head wasn’t sicker

Sometimes I wish we were still together.
Sometimes I think I can still make it forever
Sometimes I think, take me back whenever
and then I’ll leave you, never!

Sometimes I cry.
Sometimes I cry for the who had to die,
but sometimes I cry and I don’t know why.
or I do know but won’t say ‘cuz I’m too shy.

I know you’re tired of the sharks who swim by
I don’t want to be like any other guy.
So I try to be the one who is polite,
I’ll be the one who doesn’t bite.

Sometimes I love you so much but I’m filled with hurt.
Sometimes so much, I’m afraid that I’ll act like a jerk.
Sometimes I wait for the right time to say,
and then I feel you running away.

Sometimes I want to tell you how I feel.
Sometimes a glance is all that I can steal.
Sometimes I think you know but can’t deal.
Sometimes all this heartache gets too real.

Sometimes I write these things and never send them
Sometimes I write, but never know how to end them.


Jun 20 2010

Dancing

I pretend
To be the friend
While I drag my heart
Through the coals again

Tear me apart
Right from the start
I’ll put on a convincing show
Because pain makes better art.

So I don’t let go
Even when you say no
I’ll just squeeze too hard.
To hide that I’m feeling low

I’ve known you as long as I haven’t my dad.
When I think back, it makes me sad,
That we’ve had to come to an end,
You’re the best lover I’ve had.


May 5 2010

Send me love

I ask you from above
Please send me love

I need not lust,
But someone I can trust.

Guide me from sin
And make me whole within


May 3 2010

All is still

All is still on the digital frontier
The constant stream of chatter has died down from the loud rapids’ roar of a day’s excitement to the babbling brook in the evening, winding down to an uncertain drop into our collective unconsciousness.

We’ve all logged off and shut down, kissing our loved ones goodnight. The voyeurs are left to create the content as those with anything to say have said it by now. A rhythmic clicking is all that fills the air. The clock’s seconds spew forth in a deafening drone, but when daylight dawns, its ticking will be out tocked by the clatter of commotion to wail through these walls.

In the dark, the smallest light becomes blinding. Tiny noises echo with an uncertain end and thoughts ring out in ceaseless pulses.