Day: September 26, 2018

Over The Target: Our First Site Hack

It’s great to know that we’re already bothering the other side.  Tonight – the first attack on this site, via the WordPress sidebar widgets.  These are people who know who I am, too – very interesting.  My guess is KGB-CIA, although Brits and ChiComs are likely, too.
Sadly, I may have to disable the sidebar, but we’ll see.  WordPress will need to be notified that they are vulnerable to some new hack, possibly via those sidebar widgets.
This is not the first time WordPress has been hacked.
WordPress_SQL_Hack
https://thehackernews.com/2017/06/wordpress-hacking-sql-injection.html
So far, what I have seen is only modification of the “followed blogs” list.  Somehow they are able to manipulate that list.  It’s very likely they can do more, but we’ll see.
Remember – SCREENSHOTS are your friend in dealing with these perps.  Sadly, I MISSED the very first one, so you’ll have to do with a description of that first image.

 
Here is what my sidebar blog and link lists should look like now.  This is close to what they looked like at the beginning of this story, after I added them.
WordPress_Hacked_0
Intitially, the “Blogroll” list looked a lot bigger – it was filled with what looked like “suggested” WordPress internal blogs from WordPress itself, explaining different options, services, etc.  I pared that down to what you see above.
The “Blogs I Follow” list looked just like above, but it was partially unfamiliar – I had forgotten about “BrotherWatch” and “The Daily Post”, which I believe I followed while tending my other blog, wolfmoon1776.wordpress.com.  but otherwise, THAT seemed normal.
A bit later, while working on the site, I noticed that the “Follow” list was now MUCH longer, and filled with MANY unfamiliar blogs.  I thought that maybe these were SUGGESTED blogs – or perhaps blogs I had at one time visited.  I thought that I MIGHT have visited one or two, but on looking at them more closely, they didn’t seem familiar at all.  And I was definitely NOT following them.
Then it struck me.  These blogs may have been used to support a PLAUSIBLE DOXXING PATH. They were not influence – these people are WELL beyond attempting influence at this point.  I think they want things to LOOK like influence while trying to find paths to discredit.
The other side knows exactly who I am.  They have worked very skillfully to try to degrade my effectiveness in various ways, both online and in real life.   At some point I’ll get into the details, but for now, let’s just stick to the hack.
Once I realized that I didn’t follow these blogs, and that they were likely a hack of some kind, I added a Sidebar Text Widget to explain that people would be seeing blogs I didn’t actually follow.  I was going to suggest it was a HACK.  But THEN, thinking best not to overreact, I cut back the explanation to just the following – saying that I didn’t follow all these blogs.
WordPress_Hacking_6
After I posted THAT, this is what my sidebar looked like:
WordPress_Hacked_0
Yes.  It was back to normal.  I had definitely been HACKED at some level.  It was possible that the hack was limited in some fashion.  SO – I opened up the Text Widget and changed it to THIS:
WordPress_Hacked_4
Well, THAT provoked THIS reaction from the hackers:
 
WordPress_Hacked_1
I made sure I took pictures, and then refreshed the browser.  Back to normal:
WordPress_Hacked_3
 
And guess what?  Just now, they’ve changed it BACK to the insult, while I’m in the process of editing this post.
WordPress_Hacking_7
THAT is a clue to the hack.  They do this stuff while I’m either working on the site, or adding a post.  Intercepted token, perhaps?  Oh, CIA!  You’re so CHINA!
So – the bottom line is that we’re over the target.  But I’ll probably remove the widget.
Say goodbye to our friends!  Stefan Halper, the architect of Watergate:
Fat_Bastard
Cankles – the architect of the attacks on Brett Kavanaugh:
Katz_Hillary
 
And CHINA, the architect of EVIL:
china-penalty
 
I keep telling these people to just leave me alone.  And EVERY TIME they fail to take my advice.  But – that’s OK.  It’s like Q says.
These people are….. yeah.
Win a penny.  Lose a buck.
PS – I think I just realized something even MORE damaging to the other side.  THIS is not just about me.  It’s a GENERAL HACK that they use to INFLUENCE people by making them believe that people who influence them follow other people who they don’t really follow.
Isn’t that an amazing social engineering hack?  They are using HACKED FOLLOW LISTS to deceive us about who follows who – who LOOKS to who.  Who RESPECTS who.
And you KNOW – you just KNOW – that the Facebook empire is using this technique to modify Americans OUT THE WAZOO.

I need to ask a question:  

HOW MUCH  HAVE THEY BEEN MODIFYING THE TREEHOUSE?
And another:
How do I know I’m seeing the same Treehouse everybody else is seeing?
Answer:
I don’t.  It will be interesting to see if WordPress fixes their follow lists.  Or not.

Interesting.

W

Coburn_Laughing
“And then he says ‘Yeah, but it’s a COPPER penny!'”