Login / Register 0 items | $0.00 New @ KVR
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Thu Mar 08, 2018 11:42 am Patchpool hacked by spam bots - Easter discounts inside this thread.

Current URL:
https://www.patchpool.net/

Current Email:
salesATpatchpoolDOTnet

----

What a great way to waste some time, patchpool.net and all my other websites have been hacked by spam bots, offline now since 48+ hours, my provider blocked all my websites and I had to take many required steps to meet their requirements to go online again (change all passwords of all e-mail addresses, change all passwords for the FTP server, change all passwords for accounting etc. - manually delete dozens of infected files from dozens of infected folders, some of them nested within subfolders and more subfolders).

What a great way to waste some life time, the Internet makes me sick (occasionally).

----

But hey, Easter is coming up, whoever reads this thread and wants to obtain some patchpool sounds, just contact me via E-Mail: salesATpatchpoolDOTnet – if you have a PayPal account, I can send an invoice which you can pay with two clicks.

25% on single items, 15% on bundles.

----
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Sat Mar 10, 2018 10:10 pm Re: Patchpool hacked by spam bots

5 days offline now and still no message from my provider. What a drag...
User avatar
Touch The Universe
KVRAF
 
3223 posts since 2 Oct, 2008

Postby Touch The Universe; Sat Mar 10, 2018 11:57 pm Re: Patchpool hacked by spam bots

Just curious, when you signed up for domain registration, did you also signup for domain privacy?

How did this happen? Do you have a way to prevent this in the future?
High Quality Soundsets with a generous amount of presets for Lush-101, Hive, Electra 2, Diversion, Halion, Largo, Rapid, Dune II, and Spire.
http://www.touch-the-universe.com/
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Sun Mar 11, 2018 8:25 am Re: Patchpool hacked by spam bots

Touch The Universe wrote:Just curious, when you signed up for domain registration, did you also signup for domain privacy?

How did this happen? Do you have a way to prevent this in the future?


Hard to tell what technique was used exactly, it must have started any months ago when I noticed alien .php files on my FTP server which I deleted manually, then I bought/activated a security package (site guard) which prevents existing files to be changed and claims to detect any kind of malware (which is obviously wrong), but still sometimes alien files were added to various of my websites. Then they must have gotten hold of one or several of my passwords (FTP/e-mail/master account access) and started spamming until the provider blocked all my sites. As I don't have a virus or trojan on any of my computers, the FTP server itself must have been used to send out the spam.
Shockwave77598
KVRer
 
18 posts since 15 Mar, 2018

Postby Shockwave77598; Thu Mar 15, 2018 9:14 am Re: Patchpool hacked by spam bots

I was that DAY going to get an Alchemy instruments set. *fumes* Go to the website, find German words telling me the site was down... My darned luck.

How long before the website is back in service?
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Thu Mar 15, 2018 9:29 am Re: Patchpool hacked by spam bots

Shockwave77598 wrote:I was that DAY going to get an Alchemy instruments set. *fumes* Go to the website, find German words telling me the site was down... My darned luck.

How long before the website is back in service?


Good question, they are still nagging me, I removed all faulty and infected files, but it seems to take ages for them to double check. I shall change my webhosting company after this is over, after all it was their servers which got hacked and their security system is faulty, I am just a customer with no rights it seems...
Dang!
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Thu Mar 15, 2018 9:53 am Re: Patchpool hacked by spam bots

But hey, Easter is coming up, whoever reads this thread and wants to obtain some patchpool sounds, just contact me via E-Mail: orderATpatchpoolDOT.net – if you have a PayPal account, I can send an invoice which you can pay with two clicks.

25% on single items, 15% on bundles.
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Sun Mar 18, 2018 8:31 am Re: Patchpool hacked by spam bots

Sampleconstruct wrote:But hey, Easter is coming up, whoever reads this thread and wants to obtain some patchpool sounds, just contact me via E-Mail: orderATpatchpoolDOT.net – if you have a PayPal account, I can send an invoice which you can pay with two clicks.

25% on single items, 15% on bundles.


Two weeks until Easter, as I have no idea who long my provider is gong to nag me and I won't have the time to change the entire website with discounted Easter prices once I'm back online, just place your orders via E-Mail (as described above) or ask in this thread, if you have any questions about certain products from the patchpool portfolio.
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Tue Mar 20, 2018 8:34 am Re: Patchpool hacked by spam bots - Easter discounts inside this thread.

So more infected scripts and files were detected today by my provider, another three hours of hunting .php-files which were altered inside the webspace by the spam bots yet looked fine on my hard disk. This is turning into a nightmare, but I'm trying to keep my moral in good shape, one day this will be over :)

Easter discounts are on...Mail: orderATpatchpoolDOT.net
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Tue Mar 20, 2018 10:17 pm Re: Patchpool hacked by spam bots - Easter discounts inside this thread.

So I worked the entire night to sign up with a new host and migrate the patchpool website to a new domain which for now is:
https://patchpool.company

Redirects from patchpool.net/patchpool.de are not possible, as these urls are blocked (probably for weeks to come).

The prices displayed are the regular ones, just contact me to obtain your discounts. I need some sleep...
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Thu Mar 22, 2018 4:21 pm Re: Patchpool hacked by spam bots - Easter discounts inside this thread.

LOL, now my former provider is obviously getting angry and just deleted all my patchpool e-mail accounts leaving me without any options to retrieve those – although the migration to the new provider has been completed it can take up to 72 hours until patchpool.net and patchpool.de are online again, but the e-mail addresses are gone for now. So please use salesATpatchpoolDOTnet for your orders instead until everything is sorted out.

This is a great experience...
KeithAdv
KVRist
 
142 posts since 18 Mar, 2006

Postby KeithAdv; Thu Mar 22, 2018 4:42 pm Re: Patchpool hacked by spam bots - Easter discounts inside this thread.

Not knowing the particulars, your ex-host may actually have been a contributor to the problem. If you were on a shared server, it is easier for a hacker to get into your site from another compromised site on that same server. Sometimes they'll actually open an account on that server for the express purpose of gaining access to the other shared sites there. It has less to do with how your site is hardened than how the server is hardened. I've had at least one client site where that happened.

Keep fighting the good fight. You're one of the best sound designers out there. :)
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Thu Mar 22, 2018 4:47 pm Re: Patchpool hacked by spam bots - Easter discounts inside this thread.

KeithAdv wrote:Not knowing the particulars, your ex-host may actually have been a contributor to the problem. If you were on a shared server, it is easier for a hacker to get into your site from another compromised site on that same server. Sometimes they'll actually open an account on that server for the express purpose of gaining access to the other shared sites there. It has less to do with how your site is hardened than how the server is hardened. I've had at least one client site where that happened.

Keep fighting the good fight. You're one of the best sound designers out there. :)


Thanks for the praise.
I totally agree, they (STRATO) are part of the problem, especially when selling me extra products like “site lock“ which is supposed to prevent spam bots and malware deployers from intruding, but I might as well have thrown all that extra cash outside my kitchen window, it war worth absolutely nothing, zero, zilch...and now just deleting my e-mail accounts without any prior notice -> German customer service.
User avatar
Sampleconstruct
KVRAF
 
13902 posts since 12 Oct, 2008, from Here and there

Postby Sampleconstruct; Fri Mar 23, 2018 12:56 am Re: Patchpool hacked by spam bots - Easter discounts inside this thread.

Small steps back to normality: https://www.patchpool.net/ is working again, the .de-address is still offline.
gaf_thit
KVRist
 
481 posts since 28 Sep, 2012, from Norway

Postby gaf_thit; Fri Mar 23, 2018 5:18 am Re: Patchpool hacked by spam bots - Easter discounts inside this thread.

Sorry to hear of your trouble.
Good luck with getting back up soaring into orbit.
Next

Moderator: Sampleconstruct

Return to patchpool