FFXI Blog Writers, heads up!

According to a BG article, RMT have started targeting Blog owners like WordPress (the Operating System of Blogs). You can read the BG post if you’re interested.

I’ve mention this before on my Update on Account Security post, to remind administrator to keep their software (forums, blog etc) updated. I personally saw it coming because the moment I saw RMT trying to post comment in my blog about selling FFXI gil, I know they are up to something.

The exploit for those blog owners are the same ones exploited in somepage, by injecting an iframe (adding a line of code) into your webpage, that connects to another server to retrieve more codes.

For the less tech-savvy blog owners, you should just keep it updated. WordPress gives tons of control over your blog, but controls simply means more opportunity to exploit a flaw in your database. Also, not only wordpress flaw can be dangerous, but also Themes that we use. I’ve read that some themes now contain malicious code when you download them. Since I go into the code and do personalization, most of the time I know what’s in the code but, for those that don’t customize and just slap a theme on, be sure to only get your theme from wordpress.org, they might not have the best theme, but they will have the theme code that was written by the author.

Just remember, your blog and forum are read by your friends. By not keeping it secure, not only you harm yourself, but also all your friends.

So again, for the 100th time…

  • Use Firefox, with No-Script, and of course keep it updated!
  • If possible, just surf on another PC
  • Don’t visit a website that is -not maintained/updated-. Chances are if they don’t update their content, they don’t update their blog software / website, (kinda like how somepage haven’t updated for awhile), hence don’t even know their website’s being compromised.
  • If you’re lazy and just don’t understand or have the time to update your own blog, considering using a blog that’s automatically maintaned like Livejournal, Blogger or a WordPress.com, where they do the dirty work for you.

Little Extra Reading on Security

I havta say, I myself is also a little bit paranoid about these crazy hackings. I did a little research and found out there’s an independent company call AV-Comparatives! They do nothing but test anti-virus software for a living. Basically, they load up a PC with all Trojans you can ever find and have a anti-virus scanner to pick it up. The more you pick up, the better of course!

Here’s a paper on it.

For those who’s too lazy to read, let me summarize. The best one which can pick up most virus (including fresh new ones) is Nod32 (which Taj recommend), follow by Kaspersky (which I use), while not providing false alarms (Eg. which detect your Windower trying to hack FFXI, and delete your Windower altogether lol…).

Nod32 itself is a nice AntiVirus software, but since Kaspersky also bundles a Firewall, its a nice combo to buy together. These two are the strong ones which pick up a lot of old ones, and a lot of new ones. So if you’re a little bit paranoid about it, then these are the two AV that you want to have in your computer.

If you’re a blog owner, consider subscribing to http://blogsecurity.net/ ^^; keeps you updated with latest tricks of how people rip apart your blog!

Anyway, if you keep your Windows and AV updated, there should be nothing to worry about. :) See that “9000” Spam that I blocked… yea… bad RMT comments goes there (RMT comment with bad URL of course :/). I’ve also check my own and all others that I host (Sakura’s, Ashiya and Sohjai’s), they are also okay and not affected. Btw, there’s a new patch for WordPress around 18hrs ago ^^; be sure to grab em (its pretty serious flaw too, so make sure its patched)

6 Responses to “FFXI Blog Writers, heads up!”

  1. Jowah says:

    oh come on what the fuck
    i wish they die in a horrible way for doing such things -.-
    And i need to fix some stuff before upgrading to 2.3 D:::::

  2. Maiev says:

    Yea.. better do it shoon :3 Well mostly from WordPress flaw, so patching it will resolve most of the thingsss :)
    I’ve also been searching for plugins that adds another layer of defense, still researching if they really work or just slow down the blog XD

  3. Veve says:

    Thank you for the excellent post and yes I saw this one coming as well. In fact, I already suspected such RMT threats already in place on various blogs :-/ Already patched my weblog with the new update and keep a close eye on any danger… Apparently RMT are really serious about this war, thus so we have to be also ! There will be many casualties :-( I just hope SE finds a way soon RMT can’t hack these accounts anymore (like needing reg codes to change visa details or pass)

  4. Calaera says:

    Gosh f’ing dammit. Thanks for the heads up, Maiev. I’m really pissed that they are sinking so low as to target bloggers though. Guess I better start looking into ways, too, to bolster security on my WP.

  5. Aeyze says:

    Bleh, read about this a while ago, stumbled over the link on BG, guess it’s time to play around with wordpress some Dx


  1. […] Although several days late, I thought I should remind and/or bring awareness to several people about yet another way RMT users are trying to get your precious information. We know that several weeks ago they have inserted an iFrame onto Somepage, but there are news going on that they have managed to exploit a security hole in WordPress (a popular blogging script) and try to take your information the same way they tried to when you visited Somepage. Maiev of the StarOnion has great news about it and details on how to better protect yourself here: FFXI Blog Writers, heads up! by Maiev. […]

Leave a Reply