Saturday, November 8, 2008
On the afternoon of November 7, our site CatSynth.com suffered a major cyber-attack!
Everything was erased, all of CatSynth, my professional music website, the popular Mondrian Machine. Everything.
It is possible I can coax my service provider to restore things from a backup. Meanwhile, I have an older full-site backup, and I have recovered all the text and comments through Friday. So hopefully I will be able to restore the site with a few days to a week.
I have also been going over the logs (which were intact after the attack), and I have pieced together exactly when they got in, and to a certain degree, what they did. I would rather not go into technical details, but I can see a script being run, and after that all webpage access starting to fail with "404 not found." I also found a piece of assembly code left behind. It looks like that was only for clean-up purposes after the deed was done.
As far as I can tell, the only thing done was getting in and erasing the site. There was no evidence that they used their access to send emails or attack other sites, or steal information. They just wanted to destroy the site. I can't say whether it was a random act of senseless violence - there are people who just attack random sites for fun or bravado. But the timing and fact that all they did was destroy the site suggests it could have been deliberate. Possibly even political. We at CatSynth were outspoken in our support for certain people and issues, but in a mild low-key sort of way. But if an angry person was going through hundreds of sites looking for a vulnerability, we could have just been an easy target.