Thursday, October 13, 2011

CSTM and the Malware Attack

Monday evening around 9:00pm Eastern, we started receiving reports that our site had a malware redirect issue. Merric was with Baby Hobbit and I was actually grocery shopping so we weren't sure what happened or changed with our site to allow this to happen.

Merric has put in a ticket with our host and to attempt to temporary stop the issue researched and corrected our .htaccess file to stop the redirect to the malware site and we promptly change all our passwords.

However this fix was only temporary as a script is hidden somewhere in our files to change this file repeatedly to ensure this malware redirection stays up. Merric tried several things to prevent access but no luck.

Our host is currently scanning and trying to find the script causing all this trouble for us. We may also need to start from scratch on a new word press installation. That is the only information I have to give right now but I wanted to keep everyone up to date.

Please DO NOT visit as we do not feel it is safe. We hope to have it corrected soon but I have no ETA.

I have redirected our RSS feed to our Temporary Halt to Mordor blog to keep updates going from us. We are also posting any news we have on our Facebook page.


  1. I still have the file in quarentine on my machine if you would like it. Not sure how to send it to you safely though.

  2. Malware script....YOU SHALL NOT PASS!

  3. Ugh..... I wish you had better luck with providers.. waiting this long to do anything is just bad customer service... I mean seriously it's.. friggin' Thursday..