March 8th, 2009

gemini remote

Massive LJ Hack

I've been seeing this everywhere so you probably have been, too. Just in case there are some of you who aren't aware of it, it seems like a lot of journals have been hit by hackers. They seem to be mostly targeting large communities and their moderators but no one can ever be too safe, right?

Basically, what the hackers do is delete everything - and I do mean everything - on a journal and then post to it stating that journal is closed and/or moved to another site. Do not click on any links. I actually saw this on a community I was watching but didn't pay much attention to it at the time since I wasn't aware of the hack yet. The entry will sound completely benign so don't kill yourself if you actually click on the links. But unless there was some previous indication that the journal was going to close indefinitely - frankly, I've never seen a comm close completely to the point of dumping its entire contents - it is highly likely that the entry is bogus. I don't know what LJ has been doing to prevent more future hack attempts but protect yourself. Not only does clicking the links dumps viruses and spyware onto your computer, it also throws in keyloggers, nasty little thing that logs everything you type at your hacked computer. So if you've got one on your machine, nothing is safe.

upstart_crow has a post here with a picture of exactly what the entry looks like. For those who don't want to click on any links today, here it is:

Dear friends, I, as the maintainer of the community, have to inform you that, due to the recent tragic events, I've decided to stop using LJ as a platform for my community. From now on, all new depression-related materials should be posted to the new community I've recently created, as for old posts, you will be able to find them there.

I've read somewhere that the links take you to a Russian poetry site. Those random Russian LJs that keep friending you? Don't friend them back.

copperbadge has a very informative post on how you can protect yourself here by deleting any old, unused emails associated with your account and/or enabling a security question. I personally was surprised that all the emails I ever used with LJ were all still there. Really, LJ? Really? Unfortunately, there is a damn catch with the email purging thing.

After changing to a new email address for use with an account, verifying it, and using it on the account for six months, it becomes un-removable, but allows for all earlier email addresses to be removed on the Manage Email page.

If you think your computer might've been compromised, run your anti-virus/spyware software.