Quokka Brew is the market’s first caffeinated Jitterless Coffee. Our patent-pending blend, made of organic amino acids and brain-boosting nootropics, counteracts the jitters and crash from caffeine—without sacrificing any of the energy. Each Quokka Brew is made using fair trade cold brew coffee, rich and creamy oat milk, exotic vanilla from Madagascar, and our jitterless blend. Our Vanilla Oat Milk Latte is vegan, organic, nut-free, and only 60 calories and 5 grams of sugar!
This blog had been infected to serve up Gootloader malware to Google search victims, via a common tactic known as SEO (Search Engine Optimization) poisioning. Your blog was serving up 208 malicious pages. Your blogged served up malware to 19 visitors.
I tried my best to clean up the infection, but I would do the following:
Upgrade WordPress to the latest version (one way the attackers might have gained access to your server)
Upgrade all WordPress themes to the latest versions (another way the attackers might have gained access to your server)
Upgrade all WordPress plugins (another way the attackers might have gained access to your server), and remove any unnecessary plugins.
Verify all users are valid (in case the attackers left a backup account, to get back in)
Change all passwords (for WordPress accounts, FTP, SSH, database, etc.) and keys. This is probably how the attackers got in, as they are known to brute force weak passwords
Run antivirus scans on your server
Block these IPs (188.8.131.52 and 184.108.40.206), either in your firewall, .htaccess file, or in your /etc/hosts file, as these are the attackers command and control servers, which send malicious commands for your blog to execute
Check cronjobs (both server and WordPress), aka scheduled tasks. This is a common method that an attacker will use to get back in. If you are not sure, what this is, Google it
Consider wiping the server completly, as you do not know how deep the infection is. If you decide not to, I recommend installing some security plugins for WordPress, to try and scan for any remaining malicious files. Integrity Checker, WordPress Core Integrity Checker, Sucuri Security,
and Wordfence Security, all do some level of detection, but not 100% guaranteed
Go through the process for Google to recrawl your site, to remove the malcious links (to see what malicious pages there were, Go to Google and search site:your_site.com agreement)
Check subdomains, to see if they were infected as well
Check file permissions
Gootloader (previously Gootkit) malware has been around since 2014, and is used to initally infect a system, and then sell that access off to other attackers, who then usually deploy additional malware, to include ransomware and banking trojans. By cleaning up your blog, it will make a dent in how they infect victims. PLEASE try to keep it up-to-date and secure, so this does not happen again.
The Internet Janitor
Below are some links to research/further explaination on Gootloader:
We though this video was too cool not to share. There is something almost magical about a good dressage team & this is no exception. Made even more interesting by the skeleton painstakingly drawn onto both rider & animal.
Lovely Pile of Bones
International Dressage Rider Matt Frost rides AMD Don Rosso II in an advanced dressage to music freestyle as the finale at the Reasons vs Excuses Lecture Demonstration with Adam Kemp and Gillian Higgins. Read more →
This quick film shows some of the benefits of using rosemary for animal skin & hair. With quick tips for making it easy to distill the goodness of this lovely fragrant herb. It’s good for your hair & skin too! Read more →
Of course your horse can’t enjoy a mojito, but it can benefit from some of the same properties we do in the mint (Mentha) plant. Mint aids digestion, makes great tea & horses actually like the flavor of it (how can they not?). It’s refreshing to see a plant that horses don’t have to avoid. Read more →