Microsoft is obviously aware of  “windows piracy” going-on but it seems they aren’t implementing effective counter measures to mitigate it. We received the latest buzz that hackers have successfully cracked Windows 7 via bypassing the product key activation.

Gizmodo had earlier reported that Windows 7 can be used “indefinitely” using this method. The hack nullifies the sppcompai.dll and even deactivates all the reminder pop-ups about activating the software. This workaround was used in activating Windows Vista but Microsoft had implemented a patch to counter it. Microsoft is well aware of the hack and it would be probable to say that the same counter measure (patch on vista) will be implemented to stop this new exploit.

Actually, this is the second hack made for Windows 7. First was on Windows 7 Ultimate edition RTM (Released to Manufacturing) when the “key” and “OEM” certificate were extracted and used to activate the software indefinitely. The activation code was reportedly extracted from a Windows 7 Ultimate OEM DVD ISO from Lenovo.

Unfortunately (for hackers), Microsoft has blacklisted this “leaked” OEM activation code. If you’re interested in reading the rest of this story, visit softpedia.

Wrap up

Microsoft might be able to block this latest hacking method on Windows 7, however, hackers and software pirates won’t rest until they found another way to bypass Windows 7 completely. They have succeeded pretty much with previous versions of Windows (including Vista). And it’s pretty obvious that they will be successful once more.

And this is currently what prank internet users are exploiting.

The message fraud is spreading like a wildfire in Twitter and Facebook networks for weeks now. The twitter message goes like this

AMBER ALERT: 3 year old BOY taken in ROCHESTER, IN by a man driving a MITSUBISHI ECLIPSE plate number 98B351. Please rt #fb.

Many users have fallen for it and made a chain of RT (re-tweets) and wall posts on their Twitter and Facebook accounts.

Again, we repeat if you receive similar messages in your social networking accounts do nothing. They are nothing more than a HOAX. To check if the AMBER ALERT is valid go to the National Center for Missing and Exploited Children’s website. Look for AMBER ALERTS. A quick check will reveal that no alerts are currently buzzed. (source: Mashable, Missingkids.com)

Their immediate respond on how you can protect your WordPress blog? UPDATE NOW!!

Who are affected?

Reports said that the attack affects ALL WordPress versions, and even 2.8.4 isn’t a complete safe island now. The only exception are WordPress.com blogs since they are up-to-date. The extent of the damage is still not fully disclosed, however, majority of the symptoms were seen.

How to detect if your site has been attacked?

A popular WordPress blog : Lorelle on WordPress gave these indicators.

There are two clues that your WordPress site has been attacked.

1. There are strange additions to the pretty permalinks, such as example.com/category/post-title/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_REFERER%5D))%7D%7D|.+)&%/. The keywords are “eval” and “base64_decode”

2. A “back door” was created by a “hidden” Administrator. Check your site users for “Administrator (2)” or a name you do not recognize. You will probably be unable to access that account, but Journey Etc. has a possible solution.

Tips to prevent and protect your WordPress blogs

1. UPDATE NOW! Old versions of WordPress are very vulnerable to attacks. If you are using versions after 2.7, the nag screen in the administration panel urge you to upgrade, do it. Older versions than 2.7 should be upgraded immediately

2. Do not rely upon a WordPress Plugin to protect you. There were many reports of Plugins that claims to “help” in the forums. They could in other ways, but the best thing right now is to Upgrade, so please do. Currently, this is the only solution available if your site has not been impacted.

3. Change ALL passwords to a stronger password immediately. This includes WordPress blog access for all users, database, FTP, control panels, everything.

What can you do if you’ve been attacked?

Key WordPress developers are working on a possible solution for this mess. They will release security updates as soon as they found a solution for this.  For now what you can do, if you think your WordPress blog has been attacked, are the following:

1. Export all your content with the built-in XML WordPress export (pre 2.1 versions, try the WordPress-to-WordPress Import WordPress Plugin) and literally remove your WordPress installation totally (save images and general files). DO NOT EXPORT YOUR DATABASE! This would only export the hacked code as well.

2. Install the latest version of WordPress and add the “clean” backup of your WordPress Theme, then import the XML export. The export will contain your posts, Pages, and comments, and hopefully no other hacked code.

3. Be cautious not to export the “whole” database since the hack has gone deep into the WordPress DB. You can view, “How To Completely Clean Your Hacked WordPress Installation” by Smackdown for additional tips. It is a good article on how to reinstall WordPress after being hacked.

Wrap up

As always, cyber bastards are alive and wants to sabotage our “peaceful” online living. Literally, millions of users such as governments, offices, business establishments and bloggers are using WordPress today. If these attacks would fully materialize, and prove to be fatal, a catastrophe in large proportion may arise within the WordPress community.

Always check WordPress Support Forums for more information and support. As well as the WordPress Development Blog for other updates in your WordPress blog.

Other helpful articles can be read on Lorelle on WordPress. The website “strongly” encourages to spread the WORD about this attacks so that millions of users on WordPress would be informed and prepared.

According to an unidentified Facebook officer: An IP trace was found, leading to an attack to several blogging accounts of  ONE PERSON who’s only known by his username in twitter, facebook and livejournal as “CYXMU” (which is a town in Georgia). The motive of the attack was to STOP CYXMU from posting POLITICALLY related BLOGS that will hurt an adversary.

So to stop CYXMU from BLOGGING the information, computer “Hijackers” launch simultaneous DOS attacks to CYXMU’S blogging account such as (Facebook, livejournal, Google’s blogger and Twitter). This is the reason why suddenly, these FOUR GIANT social networking sites were paralyzed though Twitter seems to be the one who is much severed by the said attacks.

The sad thing: Popular blogs around the world are sharing this news like it’s a BEAUTY CONTEST, wherein the winner is the one who can post the MOST and the FASTEST!… You don’t believe me?

just check mashable, pcworld, yahoo tech blog etc. Echoing the same news redundantly like a “broken-jukebox”. One blogger from yahoo tech-blog even stated something like:

Here’s what I find so chilling about yesterday’s Twitter attack: that these guys, whoever they are, apparently thought nothing of taking down an entire communications network because they didn’t like what one person was saying.

Oups? These folks should understand that THIS IS BIGGER THAN THEIR EVERYDAY SCOOP, so please before creating blogs make sure it’s for CERTAIN and will contribute NEW information. For now, the only CERTAIN thing is, NOTHING. Their basis was just a report coming from CNET who’s source came from “an unidentified facebook officer” and the official statement of Twitter, Google and this guy “CYXMU” haven’t reach the surface yet!

This kind of news is a “dual-edge” type, which means it could have two stories with 2 endings.

It’s either the story is really TRUE, and there has been a real threat to a certain political group. That’s why, they launched a DOS on “CYXMYU” blogging accounts.

Or the said scoop was just a BIG-LIE, and these attacks were purely ORCHESTRATED by someone else’s demise. A group of individuals who were just PULLING the string and pointing somebody to blame on, so the real SUSPECTS can run a FREE-PASS!

Either way you choose the sides of the story, the results are both DISADVANTAGEOUS. Why?

Remember: When you visit Facebook, Blogger, Livejournal, you can actually see their assurance that your accounts are safe and they always take security to a NO. 1 PRIORITY. Then all of a sudden, one fine thursday morning, these 4 GIANT SOCIAL NETWORKING sites have been compromised by anonymous “hijackers”, who manage to cripple their SERVERS just like that?

What happened to the UNMATCHABLE security they are talking about on these time of “trouble”?

We all know on these circumstance, we need to support each community. But along the support comes the “constructive-critiscism” and questions. My best bet is, even after the investigation and the REAL REASONS have floated, there will always be that INNOCENT someone who will be BLAME-ON and a WOLF who just got a FREE-PASS again.

But that’s just me. :D