Bugger and disaster.
Okay. Since it appears that the Shoebox isn't the only community that's been hacked in this manner, here are some general safety tips you might want to consider doing so that this doesn't happen to you. (Yes, personal journals have also been hacked.)
1. DON'T CLICK ON THE LINKS! The hackers delete every entry on the journal and then post one where it's often blaah-blaah about moving to somewhere else, or just a very vague text with a link. The links lead to a Russian poetry site, stihi.ru. Hover over suspicious links and if you see this on the status bar, back away! People have been reporting about trojan horses and keyloggers that they think their computers were infected with after visiting that site.
2. If you clicked the links and are on a Mac, you're probably ok. Read this though, and consider doing a scan + removing unneeded cookies just in case. If you're running any other OS, be very very paranoid and run any and all malware detection software you can. TR/Packed.6941 Trojan and TR/Packed.6941.3 Trojan are the first actual file names I've heard about that have been found. I'll post more if I found out about any others. //ETA: here are a couple of other names. Check for these especially!
3. Then there's the usual stuff: check your firewall is on and file sharing off, always keep your OS and software updated, set a master password for your account/computer and don't tell it to anyone (and it shouldn't be your pet's name), and use a password manager that remembers all your passwords for you, so you don't have to type them.
How to protect your lj account from these hackers?
1. Is the email address associated with your lj account a hotmail? If so, make sure YOU are still the one in control of it. It appears these hacks have been accomplished by re-registering inactive hotmail accounts. This is just me, but I wouldn't use a hotmail account for anything these days anyway. There are lots of other free and safer alternatives available, so why not switch?
2. Set a security question that's asked when someone attempts to change your lj password.
3. Don't click the links on emails that you receive about requests to change your password if you haven't done the requesting yourself! Especially if they are written in a language that isn't your primary choice in lj land.
If your account has already been hacked, follow the instructions on this livejournal FAQ.
The thing that really makes me mad about this particular hacker case is that when they delete the entries, the comments are gone as well. And anyone who has read the SBP at the original site knows that comments are at least 1/3 of the whole SBP phenomenon. You can see here what one hacked lj user has been going through just to get most of their entries back. >:-/
This post is public, btw, so feel free to link to it if you think it helps anyone. I try to keep it updated if/when I find out more about this.
Also, you fanlistings people! There's an urgent security update for Enth you need to know about and install.
//ETA: The snippets are giving me and some others weird errors, but at least fix the files first and then see when the rest of it will be resolved.
//ETA March 13, 2000: LJ is FINALLY addressing this problem. Not that there's anything new in the instructions, but it appears that the email settings page has been improved a bit at least. I realize this isn't originally their fault (I'm looking at you, Microsoft), but seriously, they should have notified users of this MONTHS ago.
1. DON'T CLICK ON THE LINKS! The hackers delete every entry on the journal and then post one where it's often blaah-blaah about moving to somewhere else, or just a very vague text with a link. The links lead to a Russian poetry site, stihi.ru. Hover over suspicious links and if you see this on the status bar, back away! People have been reporting about trojan horses and keyloggers that they think their computers were infected with after visiting that site.
2. If you clicked the links and are on a Mac, you're probably ok. Read this though, and consider doing a scan + removing unneeded cookies just in case. If you're running any other OS, be very very paranoid and run any and all malware detection software you can. TR/Packed.6941 Trojan and TR/Packed.6941.3 Trojan are the first actual file names I've heard about that have been found. I'll post more if I found out about any others. //ETA: here are a couple of other names. Check for these especially!
3. Then there's the usual stuff: check your firewall is on and file sharing off, always keep your OS and software updated, set a master password for your account/computer and don't tell it to anyone (and it shouldn't be your pet's name), and use a password manager that remembers all your passwords for you, so you don't have to type them.
How to protect your lj account from these hackers?
1. Is the email address associated with your lj account a hotmail? If so, make sure YOU are still the one in control of it. It appears these hacks have been accomplished by re-registering inactive hotmail accounts. This is just me, but I wouldn't use a hotmail account for anything these days anyway. There are lots of other free and safer alternatives available, so why not switch?
2. Set a security question that's asked when someone attempts to change your lj password.
3. Don't click the links on emails that you receive about requests to change your password if you haven't done the requesting yourself! Especially if they are written in a language that isn't your primary choice in lj land.
If your account has already been hacked, follow the instructions on this livejournal FAQ.
The thing that really makes me mad about this particular hacker case is that when they delete the entries, the comments are gone as well. And anyone who has read the SBP at the original site knows that comments are at least 1/3 of the whole SBP phenomenon. You can see here what one hacked lj user has been going through just to get most of their entries back. >:-/
This post is public, btw, so feel free to link to it if you think it helps anyone. I try to keep it updated if/when I find out more about this.
Also, you fanlistings people! There's an urgent security update for Enth you need to know about and install.
//ETA: The snippets are giving me and some others weird errors, but at least fix the files first and then see when the rest of it will be resolved.
//ETA March 13, 2000: LJ is FINALLY addressing this problem. Not that there's anything new in the instructions, but it appears that the email settings page has been improved a bit at least. I realize this isn't originally their fault (I'm looking at you, Microsoft), but seriously, they should have notified users of this MONTHS ago.