Security Alerts On ErosBlog Yesterday
Everybody, I’d like to apologize for the fact that some of you were getting popups or security alerts when visiting ErosBlog yesterday. Details are still unclear, but it seems our server suffered some sort of code injection attack, meaning that ErosBlog may have been trying to load hostile iframes that in turn were offering downloads of a sort you don’t want to download.
Server/hosting tech support is on the case, they say they have rooted out the hostile code but they are still on the case of finding out how it got there. Which means, we can’t be certain (yet!) that the problem won’t recur.
If you are still getting alerts when visiting ErosBlog, please do two things for me. First, clear your cache (in FireFox, this is under Tools: Clear Private Data; in Internet Explorer, it’s under Tools: Internet Options, on the “General” tab, “delete” button under “Browsing History”, then Tempory Internet Files: Delete Files button) so that you’re sure you don’t have a cached copy of the hacked ErosBlog files on your local machine, and then double check. If you’re still getting ErosBlog alerts after clearing your cache, post in the comments to this post to let me know, so I can pass it on to technical support.
Once again, my fullest apologies. For six long years of blogging here, I have striven as hard as I know how to avoid serving anything here that contributes to the nightmare of popups and hostile code that pervades the internet. I am horrified by this attack and am working as hard as I know how to make sure it’s put down with silver bullets, ashwood stakes, and as much holy water as can be imported via local ports and pipelines.
Shorter URL for sharing: https://www.erosblog.com/?p=2351
Er… does this have anything to do with the not very sexy, mood-killing vegan advertisement, on the side border of your blog, that takes you to deplorable slaughter-house footage when you click on it???
No, that’s just animal rights activists being their usual charming selves. I’m quite baffled by why they chose ErosBlog to spend their advertising dollars, but since they made it clear they were linking to something ugly, I saw no reason to refuse their ad buy.
Sadly, I can’t blame the ads for this one. The ErosBlog server appears to have been hacked, apparently via a vulnerability in other software running on the server. All *seems* fixed now, but of course I’m interested in reports of anybody who is still having trouble.
‘To the doc’
slaughter house video ad mid way, chick eating a hotdog top ad, very bad choice in advertising
I clicked on that add ! and my grill has been
neglected all week . and I’ve ate at arbys and
mc,Donald’s all week. has to be the hormones they put in the cows because now I feel the urge to look at gay porn. I think I will go back to the diseased beef and chicken. thank god beer was not on the site.
Thanks for your candor in disclosing this security breach. In this day and age, it’s far too common for people to sweep these things under the rug. Keep up the transparency and great blogging. :-)
Eh, don’t pat me on the head too hard, Raj. ;-) Sadly there are good reasons why the corporate guys can’t be seen to admitting to security breaches; ErosBlog is not quite that corporate, so I can still provide the warnings my readers need, but if I had just a little more skin in the game (i.e., corporate assets, shareholders) it would be a much harder call.
Thank you for the alert. I could not access the blog for a while. I figure it was whenever they were fixing the server thing.
However, I find it hard to believe that you had to instruct people on how to clear their cache. That is one of the first things people who look at “questionable content” should know how to do. :P