My site was hacked yesterday (4/19/2008) due to a vulnerability in the Coppermine Photo Gallery software I used to run my Eye Candy Albums. Unfortunately once exploited, the hacker was able to also compromise my WordPress installation (i.e. my blog).

If you visited my site at any point on Saturday, April 19th, 2008 (or even the prior day), you will want to run a comprehensive virus/malware scan on your computer. There is a possibility that a virus or other malware could have been downloaded to your computer merely by visiting my site. I apologize for any inconvenience.  I discovered the attack less than 12 hours after it occurred and immediately took action to prevent further infection.

All the infected files have been deleted, and I am in the midst of the slow and arduous process of completely rebuilding my site. (Thank god for back-ups!) It may be some time however before my site looks ‘normal’ again. (Thank god for hiatuses!)

Unfortunately the Eye Candy Albums will be much more difficult to restore and will be unavailable until further notice. [UPDATE: The Eye Candy Albums are back online!]

I should note that my hosting provider GoDaddy offered me absolutely no support in resolving the issue. I have already prepaid my hosting bill for the upcoming months, but once it expires I will be seeking to move my site off their servers.

I should have mentioned this earlier, but my sister and a friend are visiting this week from out of town (she actually arrived a few days ago).  Since I’m spending a lot of time with them, I won’t be able to blog until after they leave next week.  If I can squeeze something in, I will.  Otherwise look for me to return around March 19th. 

Thanks for your patience!

Tonight purely by chance I discovered that someone has hijacked my feed at least partially.

As far as I can tell, this is happening only to people who subscribed to my feed through Bloglines’ "Add to Bloglines" bookmarklet.  I’ve been checking every resource I can think of to contact technical support at Bloglines by phone, but unfortunately they make this extremely difficult to do.  While I’m sure that Bloglines probably has a after-hours NOC, I can’t find any way to reach them.

Here’s the deal:  If you are read my site’s feed through Bloglines, please go to the "edit subscription" area for my particular feed.  If you see the following for the feed’s URL:

Please unsubscribe from it immediately.  It is a bogus feed.  I have nothing to do with that feed source other than they are stealing my content and putting advertising on it.  As soon as I figure out how to shut that other feed down, I will.

Please then subscribe to the correct feed for my site which is http://feeds.feedburner.com/Scott-O-Rama

While I’ve been aware that spam blogs have been taking the content from my feed and publishing it on their sites, this is the first I am aware of anyone actually hijacking the feed.  It’s especially disturbing to me because it can happen directly from my site itself.  All someone needs to do is be on my blog’s webpage and use their "Add to Bloglines" bookmarklet to be given the wrong feed.  I don’t understand how it’s happening, but once I know, I intend to do everything in my power to stop it up to and including legal action.  I’ve triple-checked all the code on my blog which leads me to believe it might be a security issue with Bloglines.  If that’s the case, it’s quite a serious flaw in their service.

Thank you, and if you don’t understand a word of this post, don’t worry about it.

Hey everyone-

I’m guest blogging again today.  You can find me over at Rcktman’s Launching Pad filling in while Rick undergoes some minor surgery.  Of course I would never use this opportunity to slander Rick mercilessly since he’s one of my competitors in the 2007 GLBT Verve Awards.

Or would I?  Bwahahahahahahahahaha! 

Guess you’ll just have to head over there and see.