Gootloader infection cleaned up

Dear blog owner and visitors,

This blog had been infected to serve up Gootloader malware to Google search victims, via a common tactic known as SEO (Search Engine Optimization) poisioning. Your blog was serving up 387 malicious pages. Your blogged served up malware to 0 visitors.

I tried my best to clean up the infection, but I would do the following:

  • Upgrade WordPress to the latest version (one way the attackers might have gained access to your server)
  • Upgrade all WordPress themes to the latest versions (another way the attackers might have gained access to your server)
  • Upgrade all WordPress plugins (another way the attackers might have gained access to your server), and remove any unnecessary plugins.
  • Verify all users are valid (in case the attackers left a backup account, to get back in)
  • Change all passwords (for WordPress accounts, FTP, SSH, database, etc.) and keys. This is probably how the attackers got in, as they are known to brute force weak passwords
  • Run antivirus scans on your server
  • Block these IPs (5.8.18.7 and 89.238.176.151), either in your firewall, .htaccess file, or in your /etc/hosts file, as these are the attackers command and control servers, which send malicious commands for your blog to execute
  • Check cronjobs (both server and WordPress), aka scheduled tasks. This is a common method that an attacker will use to get back in. If you are not sure, what this is, Google it
  • Consider wiping the server completly, as you do not know how deep the infection is. If you decide not to, I recommend installing some security plugins for WordPress, to try and scan for any remaining malicious files. Integrity Checker, WordPress Core Integrity Checker, Sucuri Security,
    and Wordfence Security, all do some level of detection, but not 100% guaranteed
  • Go through the process for Google to recrawl your site, to remove the malcious links (to see what malicious pages there were, Go to Google and search site:your_site.com agreement)
  • Check subdomains, to see if they were infected as well
  • Check file permissions

Gootloader (previously Gootkit) malware has been around since 2014, and is used to initally infect a system, and then sell that access off to other attackers, who then usually deploy additional malware, to include ransomware and banking trojans. By cleaning up your blog, it will make a dent in how they infect victims. PLEASE try to keep it up-to-date and secure, so this does not happen again.

Sincerly,

The Internet Janitor

Below are some links to research/further explaination on Gootloader:

https://news.sophos.com/en-us/2021/03/01/gootloader-expands-its-payload-delivery-options/

https://news.sophos.com/en-us/2021/08/12/gootloaders-mothership-controls-malicious-content/

https://www.richinfante.com/2020/04/12/reverse-engineering-dolly-wordpress-malware

https://blog.sucuri.net/2018/12/clever-seo-spam-injection.html

This message

Shazam! (2019)

In episode 66 Hemant comes clean as to why there was no regular episode last week, and it has something to do with the start of the NBA Playoffs.

After talking about how he has high hopes for the Toronto Raptors this post season he shares his thoughts on Shazam!, the newest installment in the DC Extended Universe.

00:41Introduction
1:14NBA Playoffs Have Taken Over My Life
3:59Shazam! (2019)
21:33Next Week
23:27Wrap-up

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.

Bumblebee (2018)

In episode 65 Hemant opens up with a couple of quick reviews of some films that just hit home release – Clint Eastwood’s The Mule and Adam McKay’s Vice.

He then gets into the feature review of Bumblebee, the newest addition to the Transformers franchise.

00:41Introduction
1:13Quick Review – The Mule (2018)
4:59Quick Review – Vice (2018)
9:08Bumblebee (2018)
26:17Next Week
27:14Wrap-up

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.

Us (2019)

Jordan Peele’s newest film Us hit theaters a couple weekends ago and it has been on a tear, pulling in big money. Hemant wasn’t able to see it opening weekend, but was able to make time to check it out during the week.

In episode 64 he dives into a spoiler free review of Us and talks about what worked and didn’t work for him.

00:41Introduction
2:03Us (2019)
23:22Next Week
24:47Wrap-up

‘Us’ Movie Explained: Exploring the Biggest Questions and Craziest Twists in Jordan Peele’s Film on slashfilm.com

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.

Triple Frontier (2019)

In episode 63 Hemant confesses why he missed recording an episode last week even though he had all the preparation done. It may have something to do with the release of Tom Clancy’s The Division 2 video game.

Even though the new format for the show states that there will only be one review per episode, he does briefly talk about Fantastic Beasts: The Crimes of Grindelwald, and why he found it to be so infuriating.

He then moves on to the main review of Triple Frontier, the new J.C. Chandor Netflix film starring Ben Affleck, Oscar Isaac, and Charlie Hunnam.

00:41Introduction
1:26Podcast Neglect because of The Division 2
3:46Fantastic Beasts: The Crimes of Grindelwald (2018)
10:56Triple Frontier (2019)
25:34Next Week
27:51Wrap-up

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.

Captain Marvel (2019)

The newest Marvel film just hit theaters this past weekend and it is making big time money. Hemant, his wife, and his 8 year old son were three of those people that contributed to its massive opening weekend box office numbers.

In episode 62 Hemant shares his thoughts on Captain Marvel and what it adds to the Marvel Cinematic Universe.

00:41Introduction
1:04Captain Marvel (2019)
19:32Wrap-up

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.

Ralph Breaks the Internet (2018)

In episode 61 Hemant is excited to talk about his cure for the monotony of running on a treadmill. If you’ve listened to this podcast in the past there’s a good chance you’ve heard him rant about how much he hates treadmill runs. But thanks to a friend, he is now running using an online virtual running program called Zwift, and he couldn’t be happier.

Once he’s done running through his walkthrough of Zwift he jumps into a review of 2018’s Ralph Breaks the Internet. It was just released on Bluray and was the feature presentation of the latest family movie night.

00:41Introduction
1:07Running with Zwift
7:43Ralph Breaks the Internet (2018)
19:08Wrap-up

Learn more about Zwift if you’re doing any indoor running or cycling.

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.

Alpha (2018)

In episode 60 Hemant explains why there hasn’t been a new episode for nearly a month, and you can be sure that it wasn’t because he was being lazy. He then talks about the new format for the podcast which mostly involves focusing on one film per episode and keeping the reviews short and focused. The goal is to keep episodes to a nice and easy to digest length of 15 minutes.

So for the first episode under this new format Hemant shares his thoughts on the 2018 film Alpha from director Albert Hughes.

00:41Introduction
5:14A New Format
8:03Alpha (2018)
21:00Wrap-up

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.


59. Glass

M. Night Shyamalan is back with his sequel to Unbreakable and Split. Glass just opened this past weekend and Hemant had a chance to see it opening night. In this episode he shares his thoughts on this highly anticipated film.

But before he gets into that he rips through a few quick reviews including First Reformed, Halloween (2018), and The Oath.

He also talks about the incredible experience he had playing the Star Wars Battlefront X-Wing VR Mission for the Playstation VR.

00:41Introduction
1:33Quick Review – First Reformed (2017)
7:40Quick Review – Halloween (2018)
14:03Quick Review – The Oath (2018)
19:58Playstation VR – Battlefront Rogue One X-Wing VR Mission
31:30Glass (2018)
54:54Next Week
56:16Wrap-up

Frozen Fest 2019 List in Letterboxd

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.

58. Venom

It’s week 2 of Frozen Fest 2019 where Hemant watches at least one movie per day for the month of January. In this episode he does some quick reviews of some of his favourites over this time which include The Rider, Blindspotting, Sorry to Bother You, The House that Jack Built, and Zero Charisma.

It’s then time to dive into this week’s feature review of Venom which was just released on Bluray.

00:41Introduction
1:38Frozen Fest 2019
3:59Quick Review – The Rider (2017)
9:40Quick Review – Blindspotting (2018)
12:38Quick Review – Sorry to Bother You (2018)
16:23Quick Review – The House that Jack Built (2018)
22:03Quick Review – Zero Charisma (2013)
27:37Venom (2018)
47:13Next Week
49:08Wrap-up

Frozen Fest 2019 List in Letterboxd

Follow Hemant on Twitter at @hjnaidu and on Letterboxd

Follow The Red 7 Movie Cast Podcast on Twitter at @redsevencast

Please subscribe on iTunes, Google Play, Stitcher, or TuneIn.