Gootloader infection cleaned up

Dear blog owner and visitors,

This blog had been infected to serve up Gootloader malware to Google search victims, via a common tactic known as SEO (Search Engine Optimization) poisioning. Your blog was serving up 291 malicious pages. Your blogged served up malware to 0 visitors.

I tried my best to clean up the infection, but I would do the following:

  • Upgrade WordPress to the latest version (one way the attackers might have gained access to your server)
  • Upgrade all WordPress themes to the latest versions (another way the attackers might have gained access to your server)
  • Upgrade all WordPress plugins (another way the attackers might have gained access to your server), and remove any unnecessary plugins.
  • Verify all users are valid (in case the attackers left a backup account, to get back in)
  • Change all passwords (for WordPress accounts, FTP, SSH, database, etc.) and keys. This is probably how the attackers got in, as they are known to brute force weak passwords
  • Run antivirus scans on your server
  • Block these IPs (5.8.18.7 and 89.238.176.151), either in your firewall, .htaccess file, or in your /etc/hosts file, as these are the attackers command and control servers, which send malicious commands for your blog to execute
  • Check cronjobs (both server and WordPress), aka scheduled tasks. This is a common method that an attacker will use to get back in. If you are not sure, what this is, Google it
  • Consider wiping the server completly, as you do not know how deep the infection is. If you decide not to, I recommend installing some security plugins for WordPress, to try and scan for any remaining malicious files. Integrity Checker, WordPress Core Integrity Checker, Sucuri Security,
    and Wordfence Security, all do some level of detection, but not 100% guaranteed
  • Go through the process for Google to recrawl your site, to remove the malcious links (to see what malicious pages there were, Go to Google and search site:your_site.com agreement)
  • Check subdomains, to see if they were infected as well
  • Check file permissions

Gootloader (previously Gootkit) malware has been around since 2014, and is used to initally infect a system, and then sell that access off to other attackers, who then usually deploy additional malware, to include ransomware and banking trojans. By cleaning up your blog, it will make a dent in how they infect victims. PLEASE try to keep it up-to-date and secure, so this does not happen again.

Read More...

Follow Artist and Save Music Module

Follow Artist and Save Music is a 2 in 1 module which allows users to save an album/single and follow the artist with only one click.
To include this module in your widget, click on the Add Item (Retail Link or Module) button and select it from the list.

Once the module is added to your widget, click on Settings (located immediately under the module title). This opens a dialog window where you enter the Artist Spotify URI and the Album Spotify URI. If your release is a single, you should also add the single URI in spotify:album:xxxx (DO NOT enter the track URI).

The save and follow button will look like this:

Read More...

Spotify Codes + Beta Call

About Spotify Codes

Spotify has recently take a page from the Snapchat marketing playbook and added a new QR-Code like feature that enables you to share music via scannable images. The new Spotify Codes feature allows user to create unique barcode for every song, album, artist, and playlist.

This new feature is only available on mobile version of Spotify’s music application for now.  Users can scan these Spotify Codes with their camera from within the Spotify app (located in the Spotify app’s search bar) to instantly play that music.

Read More...

Metablocks Widgets New Features & Fixes Update (2017-07-04)

New features and bug fixes in today’s build:

  • Phone Numbers now fully functional. Users with a paid plan can acquire and use phone numbers in their Metablocks widgets or standalone. Statics pages added that show number of calls, messages, opt-ins and other important stats.
  • Translation support improve. Ability to review, improve or modify existing languages added.
  • Improvement made to widget creation – audio URL now supports Spotify URIs and url validation.
  • Built-in Pre-save to Spotify support now integrated with our Presave Platform.
  • New modules added:
    • Call Phone Number – this module has you to encourage users to call the phone number associated with the widget. See Example…
    • Text and Mobile Opt-ins – improvements and bug fixes made.   See Example…

    Read More...

Pre-save Campaigns: Questions and Answers

This post has moved to: http://blog.presavetospotify.com/2017/06/pre-save-campaigns-questions-and-answers/

Why are these pre-save campaigns proving popular?

Pre-saves have become the streaming equivalent of “Pre-orders”.  You’ll be hard pressed to find an artist or a label who doesn’t understand the value of doing a “Pre-order”. Well the same principal applies to Pre-saves! Fundamentally pre-saves make obvious marketing sense – it is better to start “collecting” your Spotify “streams and adds” sooner than later! That’s essentially what a pre-save allows you to do – it allows you to start the marketing process for generating and encouraging streams well in advance of your single, EP or album’s release.

Read More...

Metablocks Widgets New Features & Fixes Update (2017-06-27)

New features and bug fixes in today’s build:

  • Phone and Text application support added, phone functionality moved to phone tab
  • Translation support added, allows users to contribute to the localization process.
  • Subscription plans added.
  • Referral system in place under the settings tab.
  • New modules added:
    • Pre-save (Built-in) – this module has been updated and re-enabled for users with paid accounts
    • Text and Mobile Opt-ins – allows fans to opt-in to get mobile updates from the artist.

    Read More...

Metablocks Widgets – The New Retail Landing Pages

We recently released our Metablocks Widgets platform and wanted to give user with an update on some of the advanced new functionality we have recently added:

Read More...