Sangat Pedas

Cracker Versus Sangatpedas

hacker-crackerYesterday I wrote a post on how to simply avoid WordPress “password reset hacks“, because that’s exactly what happened to this blog yesterday and already some more times before. I actually thought and hoped that would be the end of the hacking attempts but I couldn’t be more wrong.

When due to a severe jetlag I came out of bed around 3:30 AM this morning I noticed an email from my hosting provider that the website was deactivated due to a DDOS attack. Like WTF?? You just won’t give up, do you? I mean even if he would have succeeded and defaced the site then probably 150 visitors would actually notice it. And to be honest, I wouldn’t  care less. For me this is not a business but just a blog where I write when I feel like it.

But I got intrigued and wanted to know more about the methods of this cracker. My provider emailed that the guy was doing an outbound Denial-Of-Service attack through this file: ~/wp-content/themes/twentytwelve/archive.php. A theme that’s installed by default and not even used on this site.

Anyway, the hacker is operating on a host with a US IP and a Brazilian hostname and my guess is that somehow I tipped him off because after I activated the site again he immediately tried to continue where he left off when the site was taken down.
United States Los Angeles, United States
IP: 184.22.228.54  [permanently blocked]
Hostname: 6.astroemail.com.br

Good stuff mate, besides that you’re giving me some stuff to write about you also educate me very well on the standard hacks even 12-year old can Google and execute. Obviously since this has become personal I hope you won’t disappoint me by giving up but instead come up with some new self-engineered cracks. Because now it seems you’re just another wacker  with no more skills than anyone who can access a search engine. Make Brazil proud and write history by cracking the smallest blog in the universe. Boa Sorte!

UPDATE: Sorry bro but I just blocked you Brazil IP as well. Btw, the files your looking for either don’t exist or are nicely protected.
Brazil Brazil
IP: 187.64.9.78 [permanently blocked]
Hostname: bb40094e.virtua.com.br

UPDATE: Hello Cracker from Florianopolis, how’s that cracking thing working out for you so far, any luck?

Screen Shot 2013-08-16 at 7.48.59 AM

Comments are closed.