So as I said previously, this hacker wasn't after me personally...it was just one of those spammers from a foreign country looking to exploit a GM-comments script by scouring the web. I had installed GM on Stan's site not even a month ago (he didn't even get a chance to use it yet!) for a future cactus blog, and despite the fact that I had an old GM script lying around at my main domain, I suspect this spammer somehow used Stan's script because when I went to check my email from my catch-all account, I got about 7,000 (I am not making this up, I am totally serious) bounced spam messages with fake back addresses like FredWilliams@Windowsillcactus.com. My webhost told me to update all my scripts I am running, but because GM is no longer actively being worked on, this had me concerned. They said my account was being used to process (send) 2000 spam messages a second of something. F-me! I don't need Stan's domain getting a rap for sending spam, since he is not doing it! I don't need any of my domains getting this rap. And although I was hoping the hacker used my old GM script that I'm no longer using and not the updated one I installed for Stan and previously for myself back in April, I have no way of knowing which script he used. I don't need my account suspended either! I did some Google research on the subject, and there are some webhosts who are completely banning all Greymatter from their servers!
Last night I deleted all my GM scripts. It was so sad, especially since I made those Bauhausian emoticons just 4 months ago and I won't be able to use them again. Seriously, I cried about it.
Who the hell reads these spam messages and acts on them anyway? It boggles the mind that people can be that stupid...both the spammer and spammee.
As for the 7,000 bounced spam message, I didn't download them all; I was afraid they'd crash my email. I stopped after about 200, then ftp'd up to my domain and deleted my mail inbox. I still am getting them too, but my laptop isn't set up to get the catch-all mail, and I don't use the other computer for mail much anyway. So I just periodically go and delete my inbox on my domain. It'll eventually stop, after the last server has bounced a bogus spam mal to a bogus email address, sent from a bogus email address.
I wake up Wednesday morning to an email from my webhost saying my site was hacked and they had to suspend my domain. Like anyone wants to wake up to that. I panic, naturally, check my sites and they're all there. It turns out it wasn't a malicious personal hacking, but a spammer who somehow...somehow...aw crap it's 9:30 pm and I've been doing nothing all day but looking at CODE so it's like I'm suffering a small stroke when I'm trying to think of the word...exploited? is that it? exploited? some vulnerabilities in a Greymatter comment script. So to make a long story short, I decided to take down Greymatter (are we having fun yet? Like I haven't spent too many days within four short months analing over my own site, not to mention setting up a cactus blog for Stan that he hasn't even had time to use yet before I had to redo the entire damn thing in Blogger!
I. Need. A. Break.
I really hate code, and for some reason certain things with these Blogger templates aren't working for me, so I'm having to do it my way. Like that automatic profile thing up in the right corner didn't look right, heck, it looked AWFUL, so I just had to cut and paste the link instead. I did have fun with the question they gave me, ironically, it had to do with band names, which I guess is right up my alley.