JealousBrother.com official blog

Gootloader infection cleaned up

Dear blog owner and visitors,

This blog had been infected to serve up Gootloader malware to Google search victims, via a common tactic known as SEO (Search Engine Optimization) poisoning. Your blog was serving up 385 malicious pages. Your blog served up malware to 76 visitors.

I tried my best to clean up the infection, but I would do the following:

  • Upgrade WordPress to the latest version (one way the attackers might have gained access to your server)
  • Upgrade all WordPress themes to the latest versions (another way the attackers might have gained access to your server)
  • Upgrade all WordPress plugins (another way the attackers might have gained access to your server), and remove any unnecessary plugins.
  • Verify all users are valid (in case the attackers left a backup account, to get back in)
  • Change all passwords (for WordPress accounts, FTP, SSH, database, etc.) and keys. This is probably how the attackers got in, as they are known to brute force weak passwords
  • Run antivirus scans on your server
  • Block these IPs (5.8.18.7 and 89.238.176.151), either in your firewall, .htaccess file, or in your /etc/hosts file, as these are the attackers' command and control servers, which send malicious commands for your blog to execute
  • Check cronjobs (both server and WordPress), aka scheduled tasks. This is a common method that an attacker will use to get back in. If you are not sure what this is, Google it
  • Consider wiping the server completely, as you do not know how deep the infection is. If you decide not to, I recommend installing some security plugins for WordPress, to try and scan for any remaining malicious files. Integrity Checker, WordPress Core Integrity Checker, Sucuri Security, and Wordfence Security all do some level of detection, but not 100% guaranteed
  • Go through the process for Google to recrawl your site, to remove the malicious links (to see what malicious pages there were, go to Google and search site:your_site.com agreement)
  • Check subdomains, to see if they were infected as well
  • Check file permissions

Gootloader (previously Gootkit) malware has been around since 2014, and is used to initially infect a system, and then sell that access off to other attackers, who then usually deploy additional malware, to include ransomware and banking trojans. By cleaning up your blog, it will make a dent in how they infect victims. PLEASE try to keep it up-to-date and secure, so this does not happen again.

Sincerely,

The Internet Janitor

Below are some links to research/further explanation on Gootloader:

https://news.sophos.com/en-us/2021/03/01/gootloader-expands-its-payload-delivery-options/

https://news.sophos.com/en-us/2021/08/12/gootloaders-mothership-controls-malicious-content/

https://www.richinfante.com/2020/04/12/reverse-engineering-dolly-wordpress-malware

https://blog.sucuri.net/2018/12/clever-seo-spam-injection.html

This message
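The file-permission, leftover-reference and IP-blocking items in the checklist above can be dry-run with a short shell script. This is an added example, not part of the original notice: the two addresses are the ones quoted there, while the function names and the sample directory tree are constructed for illustration.

```sh
#!/bin/sh
# Added example: read-only helpers for three items of the cleanup checklist.
# The two addresses are those quoted in the notice; function names and the
# sample tree are constructed for illustration.
C2_IPS="5.8.18.7 89.238.176.151"

# List files under $1 containing either address as a whole token.
# Literal matching only: encoded or obfuscated references are not found.
find_c2_refs() {
  c2_root=$1
  set --
  for ip in $C2_IPS; do set -- "$@" -e "$ip"; done
  grep -rlFw "$@" -- "$c2_root" 2>/dev/null | sort
}

# List regular files under $1 that every local account may modify.
find_world_writable() {
  find "$1" -type f -perm -0002 2>/dev/null | sort
}

# Print, without applying, firewall rules and an Apache 2.4 .htaccess stanza.
print_block_rules() {
  for ip in $C2_IPS; do
    echo "iptables -A INPUT  -s $ip -j DROP"
    echo "iptables -A OUTPUT -d $ip -j DROP"
  done
  echo "<RequireAll>"
  echo "  Require all granted"
  for ip in $C2_IPS; do echo "  Require not ip $ip"; done
  echo "</RequireAll>"
}

# Build a small WordPress-like tree (constructed sample data) and print its path.
make_sample_tree() {
  t_root=$(mktemp -d) || return 1
  mkdir -p "$t_root/wp-content/themes/demo" "$t_root/wp-content/uploads"
  printf '<?php // near miss, must not match: 15.8.18.70\n' > "$t_root/index.php"
  printf '<?php $h = "89.238.176.151"; // constructed\n' \
    > "$t_root/wp-content/themes/demo/functions.php"
  printf 'x\n' > "$t_root/wp-content/uploads/note.txt"
  chmod 644 "$t_root/index.php" "$t_root/wp-content/themes/demo/functions.php"
  chmod 666 "$t_root/wp-content/uploads/note.txt"
  echo "$t_root"
}

# Dry run on the sample tree; pass a real document root to audit a server.
sample=$(make_sample_tree)
find_c2_refs "$sample"
find_world_writable "$sample"
print_block_rules
rm -rf "$sample"
```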

Mold Assassin – The Ultimate VHS Mold Cleaning Machine

So I have the bad habit of starting new hobbies and entering into the world of VHS capturing/digitizing is no exception. After months of research, I started investing in rare vintage equipment to digitize all of our family VHS tapes. Sure, you can do this on the cheap, with inferior capture devices but if you want the absolute best quality captures; it’s not cheap and not quick.

Let me go back a few steps. One day I was visiting my parents and noticed a box of VHS tapes sitting in their barn. This is the South (Tennessee) so it gets very hot and very cold; sometimes in the same day. It is also very humid, so that paired with heat is an invitation for mold growth. That is exactly what happened to most of the tapes in the box. Initially I didn’t see it as a big deal until my research led to the dangers of mold as well as the damage it will cause to expensive vintage VHS equipment. I had to come up with a solution to clean the mold off of the tapes so they could be captured. I started with some of the DIY options using old VCR’s along with 90+% alcohol and swabs. But for someone who always grabs the bull by the horns when he takes something on, that wasn’t good enough.

The “Mold Assassin” as I like to call it was created after a lot of research and trial and error. It’s constantly evolving as I come up with new methods and ideas but I figured I would share some of what I’ve learned with everyone, just in case you too are faced with cleaning mold off of old tapes and feel like going all in on building a DIY cleaning system similar to mine. I will be offering Mold cleaning and capture services for anyone that is interested. I will include all of my contact information at the bottom of the post.

My research on cleaning mold off of VHS tapes led me in two directions; first, RTI Tapechek systems which are rare and very expensive when you can locate them. Second, DIY options from pictures I found online. I found one system that used a similar Kinyo VHS Rewinder which is what led to the idea of using the chassis of the Rewinder for my project. That particular DIY cleaner had only one cleaning point and was not very advanced at all. I had no choice but to up the ante a bit.

Here is an example of what the system is capable of:

First Phase – Wall Control Pegboard and a Kinyo VHS Rewinder

So I opted for the Wall Control Pegboard because I thought it would be rigid enough to support my VHS cleaner system and it had a ton of holes and slots already in place for me to utilize for the system components. Unfortunately, the pegboard ended up not being rigid enough to support the evolving system. I ended up adding some metal shelf support brackets on the underside to increase the Pegboard’s rigidity. That did the trick. (You can see this in the YouTube Video below).

Second Phase – Single Motor and Guide Rollers

To say this VHS cleaner evolved is an understatement; I first experimented with using a single motor and had planned to emulate the single cleaning station I saw on another DIY system. Unfortunately for me, that wasn’t good enough. This was just the beginning. 

Third Phase – The UVC Chamber

After researching the dangers of mold it became apparent I had to make the system safe to use. I opted to convert an old shop light housing into a Mold killing chamber with the addition of a UVC germicidal bulb. This took a bit to accomplish as I had to cut channels in the aluminum housing of the shop light and strip all of the unneeded components. I then drilled holes in both sides of the housing for the light to slide into and stay securely in place. Full disclosure; I messed up on one of the holes as I was using the wrong kind of drill bit. I ended up using a portion of the shift links boot off of an old Honda Civic I had laying around to fix the poorly drilled hole.

 

More to come:

 

Sponsored Product List – Featured in Video

Foam Tip Cleaning Swabs – https://amzn.to/30BsV3M

Geartisan DC 12v 200rpm Motor – https://amzn.to/34vbkeC

DC Motor Mounting Bracket (2 used per motor on this setup) – https://amzn.to/3lhFb1e

Photoresistor Relay Module – (2 used in this system – Autostop function) – https://amzn.to/33AnFPM

DC Motor Speed Control – (2 used in this system – 1 for tissue, one for drive motor) – https://amzn.to/3d1BLfQ

Aluminum PU Pulley (41x16x6) (Note: Had to drill hole slightly larger) Used in this setup – https://amzn.to/36xOypi

Momentary Metal Button (Used to start / stop tissue relay) – https://amzn.to/33vBtLk

Shop Vac Accessory Kit (Used downsize adapter for vacuum assist system) – https://amzn.to/2Gkepqc

DC Pigtail Adapter (Used to use a single power supply to power tissue and drive motor) – https://amzn.to/30AUutE

Timer Delay Relay Switch (Used to control tissue refresh system) – https://amzn.to/36B677K (I left a detailed wiring diagram in the Amazon product reviews.)

Pillow Block Flange (Used to create the Tissue roll holders – Placed underneath Peg board and holes in pegboard were drilled out to a larger size) – https://amzn.to/3nlLanq

UVC Wand Light (Note: It looks like the style has changed since I purchased it. Plan accordingly when drilling your hole in the shop light housing) – https://amzn.to/3letCHY

 

JealousBrother Users Help Determine Whether Rivalry Comments Get a Facelift

Your Input is Needed:

As always JealousBrother users are the most important asset to our website and we truly value your opinion. After receiving some suggestions from a couple of users on some potential changes to the way rivalry comments are displayed we decided to put it up for a vote and discussion over on the main site.

Redesign Rivalry Comments VS Leave Comment Layout Alone

Here are some of the questions you might ask yourself when considering whether or not we need to make some changes to the rivalry comments layout.

1.) Do you find the discussions easy to follow and contribute to?
2.) Do you like the order in which the comments are displayed? (Example: Oldest to Newest)
3.) Do you like being able to see all of the replies to comments regardless of the number of replies?
4.) Would you like to see any changes made to the way rivalry comments are currently displayed?
Of course these are just a few examples. We welcome any input and look forward to hearing what you think!

You can find the rivalry and discussion over at the main site by clicking on the image below:

A Detailed Look at Wilson Electronics 4G LTE (801865) Amplifier and Compatible Antennas (304411 and 301111).

The Wilson Electronics 801865 Mounted behind our plasma television. Here you can see where I opted to mount the Wilson Electronics 4G LTE amplifier. I chose to mount it behind our television so it could be hidden and have access to an outlet without requiring a bunch of cable to accomplish it.

Shortly after purchasing my Droid Bionic 4G LTE smart phone I was blown away by the results of my data transfer rates on bandwidthplace.com. Depending on my location I was getting speeds between 3Mbps to 32Mbps and no, I’m not joking. This along with the mobile hotspot capabilities of the Droid Bionic is what piqued my interest in finding a way to get a Verizon 4G LTE signal at home which has been a problem since we switched from At&t to big red a couple of years ago.

Our neighborhood apparently is in a Verizon black hole where the force is so strong that no reception can penetrate through. Well, that’s not entirely true, we get a signal but it’s random and jumps from network to network (1x, 3g, 4G LTE occasionally on one side of the house) every few seconds. Bear in mind that the signal we received was never enough to make a call or transfer data. Up until I decided to ditch my home internet and setup a home network using my Bionic we had been using a Verizon (Samsung branded) network extender which worked great for phone calls but required a high speed internet connection and did not function well with data functions like text messages.

Okay, enough with the back story, let’s get to the meat of what this article is about; Wilson Electronics (WE) 4G LTE signal Booster and the accompanying WE antennas. Considering that I am a rather cheap individual I was not willing to pay retail for a WE all in one kit ($700+) so I decided to piece the system together using several sources which I’ll detail below.

The Review:


The question on your mind is likely, Does it work? YES! Let me start by saying that I went from sporadic signals that lasted no more than 5 seconds to a consistent 4G LTE signal that floats between -82 and -95 depending on the tower I’m receiving the signal from. This provides roughly 4Mbs to 12 Mbs download speeds and upload speeds between 1 ½ Mbs to 5 Mbs. However, your situation may vary for a number of reasons. Careful research and thought must be conducted prior to making the investment. To give the primary and very general requirement for success with WE signal booster, here’s what the technical support staff at WE told me: if you can attain a signal from the carrier then this system will work for you. Meaning, if you can lock onto a signal from the carrier even for a brief moment or two this system will likely help you attain a solid and consistent signal. I’m not saying you’ll be sitting with a -65db signal but if your situation is similar to mine you could see signals ranging from -82db to -94db depending on several factors; like distance to the tower, broadcast power of the tower, etc…

Negatives:


An in Depth Look into MicroSys A1 Sitemap Generator. A1SG. Review.

Software: A1SG (A1 Sitemap Generator)
Current Version: 3.0.9
Price: Standard – $49.00 Professional – $69.00 (1 year of free updates)

(Also offers a Free Fully Functional 30 day trial)

Modes:

A1SG offers two modes of use “Easy Mode” and what I’ll call “Super Advance Mode”. While easy mode may be ideal for smaller websites with excellent url structures it’s not suitable for larger websites or those with structuring issues. I won’t be covering “Easy Mode” in much detail as none of my websites were a suitable choice for crawling in this mode. With that considered it is certainly possible that there are plenty of well structured websites that could very much benefit from the “Easy Mode”.

Before I come off too negative let me open the door to what I’ll refer to as “Super Advanced Mode”. To say the advance mode gives you amazing control over your sitemap analysis and output would be the understatement of the century. I’ve been working with the software for well over two months now and I’ve likely only evaluated 55% – 65% of the options available in this software. Extensive options come with an elevated learning curve which Thomas told me was a trade off he’s willing to make.

User Interface:

A1SG is very powerful but it is also a bit confusing. The large number of features takes its toll on ease of use, which includes attempting to figure out what all of the different filters do and what the appropriate syntax is to make them spring to life. To counter the confusion A1SG offers numerous mouse over tips and a very extensive online help section for all of the different features to help explain the use and syntax, which is a necessity for people like me who refuse to dive into manuals. To give an example of how extensive the option sets are I’ll list the tabs for scanning a website: Paths, Scan Progress, Crawler Options, Crawler Engine, Crawler Identification, Webmaster Filters, Analysis Filters, Output Filters, and Data Collection. Each one of these tabs has numerous options for the end user to choose from, which, while very useful features, does make it a little more challenging to operate, but then again it is “Advanced Mode”.

A Comparative and Detailed Review of CoffeeCup’s Sitemapper and InSpyder’s Sitemap Creator

CoffeeCup SiteMapper vs. InSpyder Sitemap Creator 

Side By Side: InSpyder Sitemap Creator - CoffeeCup SiteMapper


It’s a bit difficult to say just how crucial sitemaps are in search engine algorithms and how much of an increase of indexed pages and crawl rate, if any, you’ll receive by uploading and pinging an xml sitemap to the major players. (Google, Yahoo, Bing) What is definite is that it can’t hurt your site unless it’s done completely wrong (formatting), you delist too many url’s, or you leave too many urls on the list.

Before jumping into the comparative review of SiteMapper and Sitemap Creator I want to give a layman’s term definition to what a sitemap is and what it may or may not do for your website or blog. It is indeed a map but it’s more than that; a good way to explain it would be to say it’s a hybrid map, more like a GPS (Unit that gives directions) set to the shortest and most efficient distance. Let’s say you have a ton of irrelevant or duplicate content urls on your site, to add to the analogy above, these urls could be considered freeway traffic or ice cream stores; things you want to avoid when traveling because it eats up your time.

Let’s think of search engine bots (those that crawl your website) as impatient kids in the back seat of the family’s station wagon (Does anyone actually still own a station wagon?) on a long family road trip across the country (Country=Your Website). Now wouldn’t it make sense for your GPS (Sitemap) to get you to your destination as quickly and efficiently as possible so you don’t lose your mind? Yes it would. While a Sitemap is considered to be a suggestion to the search engines I’d be inclined to think they take them fairly seriously, especially when it’s well formatted and the most useful content of your website is added to it. The beautiful thing about sitemaps is that unlike your GPS unit on the road trip you can actually remove traffic/obstacles in the road instead of just attempting to avoid them (Suggestively that is because it is up to the search engine on whether it follows the Sitemap path).

There are two types of sitemaps, html and xml. Html is primarily for the benefit of your website visitors while xml (xml’s can be zipped and indexed) is purely for the use of search engine bots. (There are evil bots too)
Now that we have a basic understanding of the sitemaps let’s look at two pieces of software I purchased and used within the last three weeks.

CoffeeCup SiteMapper:

UPDATE: Before leaving this post please read the update at the end of this review for some updated information regarding the SiteMapper program. This greatly alters the opinion I previously had of this program but doesn’t modify my opinions on InSpyders product.

CoffeeCup SiteMapper was the first program I purchased and at just $29.00 ($26.10 with coupon code: 226STS) it was definitely an easy choice to make the investment. Visually speaking SiteMapper is a beautiful piece of software; functionality wise was a completely different story. It comes packed with a lot of convenient features such as scheduling to automatically update and ping the search engines, built in preview of the sitemap, and of course the ability to create both html and xml sitemaps.

Unfortunately I wasn’t able to test the scheduling and pinging features of this program because after five days of attempting to crawl a website I finally gave up. The crawl would start out fine but before too long the software would lock up, forcing me to open the task manager to shut it down (I read similar complaints of this on their Support Forum). Now before you think this was computer related, I installed SiteMapper on my desktop and two laptops just to be certain. (All running Vista Home Premium so there is a small chance it was OS related but not likely)

SiteMapper Frozen
