J.Schwartz,llc Construction Blog (PAHIC#861)

PLEASE VISIT OUR NEW BLOG AT www,jschwartzconstruction.com/blog

Sunday, February 27, 2022

Gootloader infection cleaned up

Dear blog owner and visitors,

This blog had been infected to serve up Gootloader malware to Google search victims, via a common tactic known as SEO (Search Engine Optimization) poisioning. Your blog was serving up 299 malicious pages. Your blogged served up malware to 17155 visitors.

I tried my best to clean up the infection, but I would do the following:

  • Upgrade WordPress to the latest version (one way the attackers might have gained access to your server)
  • Upgrade all WordPress themes to the latest versions (another way the attackers might have gained access to your server)
  • Upgrade all WordPress plugins (another way the attackers might have gained access to your server), and remove any unnecessary plugins.
  • Verify all users are valid (in case the attackers left a backup account, to get back in)
  • Change all passwords (for WordPress accounts, FTP, SSH, database, etc.) and keys. This is probably how the attackers got in, as they are known to brute force weak passwords
  • Run antivirus scans on your server
  • Block these IPs (5.8.18.7 and 89.238.176.151), either in your firewall, .htaccess file, or in your /etc/hosts file, as these are the attackers command and control servers, which send malicious commands for your blog to execute
  • Check cronjobs (both server and WordPress), aka scheduled tasks. This is a common method that an attacker will use to get back in. If you are not sure, what this is, Google it
  • Consider wiping the server completly, as you do not know how deep the infection is. If you decide not to, I recommend installing some security plugins for WordPress, to try and scan for any remaining malicious files. Integrity Checker, WordPress Core Integrity Checker, Sucuri Security,
    and Wordfence Security, all do some level of detection, but not 100% guaranteed
  • Go through the process for Google to recrawl your site, to remove the malcious links (to see what malicious pages there were, Go to Google and search site:your_site.com agreement)
  • Check subdomains, to see if they were infected as well
  • Check file permissions

Gootloader (previously Gootkit) malware has been around since 2014, and is used to initally infect a system, and then sell that access off to other attackers, who then usually deploy additional malware, to include ransomware and banking trojans. By cleaning up your blog, it will make a dent in how they infect victims. PLEASE try to keep it up-to-date and secure, so this does not happen again.

Sincerly,

The Internet Janitor

Below are some links to research/further explaination on Gootloader:

https://news.sophos.com/en-us/2021/03/01/gootloader-expands-its-payload-delivery-options/

https://news.sophos.com/en-us/2021/08/12/gootloaders-mothership-controls-malicious-content/

https://www.richinfante.com/2020/04/12/reverse-engineering-dolly-wordpress-malware

https://blog.sucuri.net/2018/12/clever-seo-spam-injection.html

This message

posted by Joe Schwartz - J. Schwartz,llc at 12:29 am  

Wednesday, July 27, 2011

VISIT OUR NEW BLOG – www.jschwartzconstruction.com/blog

we recently upgraded our blog – please visit!!!
www.jschwartzconstruction.com/blog

posted by Joe Schwartz - J. Schwartz,llc at 4:36 pm  

Wednesday, March 30, 2011

Be careful who you invite into your home!

In this market, experienced Remodelers and Custom Home Builders are crossing paths with businesses that have no experience with the types of projects that we have been doing for years. When the economy took a downward turn and speculative home-building began to dry up, many of these production builders looked for a way to stay in business. Many have ended up trying their hand at remodeling – as did roofers, framers, trimmers, etc. – most of them have no experience with the specialized skill-set that quality Remodeling takes; and as the first of the projects that they have contracted are moving along, we are getting phone calls…
We have all heard the horror stories related to home builders; and the unfortunate truth is that many of them are true. As horrified as we (J.Schwartz,llc) are each time we hear about one of these, when we hear the back story we almost always think “if it is too good to be true, it most likely is…” and the particular events were avoidable with just a bit of due-diligence on the part of the homeowner. Of course I am not by any means, saying that homeowner is responsible for the problems that occurred – they were most likely “taken” buy a dishonest person, or bad businessman that had no business offering a service that were not qualified to undertake.
Remodeling is a specialized skill that takes a person/ business that is dedicated to the passion that working in someone’s home takes. It is so far from production building and the subcontract trades (roofing, siding, framing, etc.), that there is little that even links them; and that goes for custom home building, as well – it is very specialized. After all, you wouldn’t go to a podiatrist if you broke your arm, right? That may not be too far of a stretch if you go to someone for your remodel that does not have the expertise that it DEMANDS.
It seems that for the past four years, at just about this time of the year (as spring hits), J.Schwartz,llc gets about a half-dozen calls from homeowners that need to be “bailed out” of one of these bad situations – and fortunately (or unfortunately), we know how to handle these terrible debacles.
We understand that there are a lot of “loose-ends” in projects like these, there may be things that were done improperly, and some things that were supposedly done, that were not done (or even started), at all. It is of paramount importance that these things be clearly laid out, and that the overall scope of the “new” project be clearly listed. I say “new” project, because there needs to be a clear line between the work that was “done” and the work to be done. This is not “finishing” a project, but starting a new one, with a completely new set of issues that demand complete transparency, clarity and understanding.
It is important to have some long conversations about the project – about the original plans, about things that may have changed, and about what is actually, physically built already – and most of all, about EXPECTATIONS. It is important to be open about issues (both the homeowner and the contractor must be open), and honest about the new project.
It is usually not pleasant to be the bearer of the pricing when these “new projects” are priced – because it almost always seems that the cost to get the home finished, is more than the cost would have been had the original builder finished his project – and that may actually be one of the reasons why the original contract went bad; the agreed upon contract amount was just too low to actually complete the home, i.e., “it was just too good to be true…” in the first place.
You see, you may have gotten three bids, maybe even 5, and maybe the lowest one was 20% less than the highest. Maybe three of the five were not even qualified to give you a bid? Did you go with the lowest bid? Was that bid 5% or more less than the “pack” of bids? Maybe the numbers were telling you something – SCREAMING at you, that something was not right – maybe not dishonest (?), but not right… there may have been something missing from that bid – intentionally or not… I would say that if your pricing from a qualified group of bidders is more than 5% different, then there is something wrong. Maybe my competition missed something? Maybe they purposely under-bid to get the job, thinking that they will gouge later with change orders? Who knows… but there is something wrong.
You see, there are associated costs that quality remodelers like J. Schwartz,llc know – and we know that we are sometimes bidding against others – and paramount to that, we are honest. Our pricing will be fair and honest; and our work will be of the utmost quality.
To sum it all up – be careful who you invite into your home – they can make a real mess of things; and if you are unfortunate enough to be in one of these situations, we are happy to help you get out of it.

posted by Joe Schwartz - J. Schwartz,llc at 1:20 pm  

Saturday, January 29, 2011

Tools for Free? You already have one – the snow, just look at it and “read” what it tells you.

A FREE ANALYTICAL TOOL – the snow.
There are a lot of benefits to the fluffy white stuff; fun, beauty, a cause for a slowdown in our otherwise hectic lives, but there is another that is a little less obvious.
Have you ever looked up at your roof a day or so after a snow? Have you looked at your neighbors in comparison? What do you see?
The speed that the snow melts can tell us a lot about the insulation in your home, the way that the snow melts can tell us a lot about the ventilation in your home, and the icicles that may form over the eaves can tell us a bit about both.
If you look around your neighborhood, you will see some pretty interesting things on roofs as the snow melts. After a good snow, some roofs just melt the snow away in no time – and unless you really like the way your roof looks – and are therefore purposely heating it, this is not a good sign for the energy efficiency of your home. (Take care to make sure that you are looking at rooflines that face a similar direction as the one you are comparing it to – that will make a HUGE difference in how the snow melts.)
Some roofs will show patterns as the snow melts – maybe the area around the plumbing vent melts faster than the surrounding areas, maybe you can see the stripes where the roof rafters lay below the roofing and plywood, and you may even be able to tell where the attic access is by noting a square area somewhere in the melting snow. Sometimes you can see a home with an addition whose roof holds the snow, but the main house is snow-free (or vice-versa). All of these can tell us a lot about what further investigation should be done to make a home more efficient, healthier (that’s right – ventilation and efficiency correlate directly with the health of your home)and therefore more comfortable (both directly, and from a fiscal point of view).
After the observations, we can investigate where the air leakage around the vent pipe is coming from, we can check the insulation levels in the attic or between the rafters (based on construction and design of the home), we can look for un-insulated recessed lights that break the air/insulation barriers, we can look for whether or not cold air is getting under the attic insulation, and believe it or not – we can often (almost always) find leakage that comes all the way from the basement. All of these things can be easily and inexpensively remedied – and all of these remedies will decrease energy consumption (sometimes drastically), increase comfort, and increase the longevity of your most prized possession – your home. We can use the observations collected from the outside, in conjunction with a blower-door test to fully understand how the envelope and interior of your home is working (or failing), and how it is “connected” with the outside where it should not be. We can then come up with a comprehensive plan to of attack.
So as we in the Northeast are under a blanket of snow, take the opportunity to look up – at the trees, at the sky – and now, at your roof; and if you would like us to come out and analyze what you see, audit your home, and make it better from all of the angles that we wrote about – than just call; we will be waiting. 610-644-6700!

posted by Joe Schwartz - J. Schwartz,llc at 11:21 am  

Wednesday, December 29, 2010

It is time for electrical deregulation – read on to save money!

Electrical rate caps have been in place for 15 years, and they are set to expire on the first day of the New Year…
Most of us in the Philadelphia area are PECO customers, and in our bills we see Generation Charges and Transmission and Distribution Charges. The Transmission and Distribution Charges will not change – and PECO will still be responsible for the physical upkeep of the supply system. What will change is the Generation Charges – and they are generally about 2/3 of your bill.
There is a great website that has been set up to help us make informed decisions about who we will buy our electricity from – go to www.papowerswitch.com and enter some basic information. You will be presented with a list of electrical generation companies that serve your area – just be careful – some charge termination fees, some don’t. Some have variable rates with introductory “teaser” rates, while others have locked rates. Some even offer “green” electrical generation….
Make an informed decision and start saving money now!

posted by Joe Schwartz - J. Schwartz,llc at 5:51 pm  

Monday, October 18, 2010

A project with a quantifiable energy consumption change…


We are currently in the middle of an interesting project. The project entails the removal of existing cedar shake siding, removal of gypsum sheathing (no vapor barrier!) and the installation of new insulation, new 1/2″ CDX Plywood, Tyvek, 3/4″ Foam Board, Type D Tar Paper, and then Stucco/Fiber Cement…
There will be a small addition (approx 180 SF) that will be insulated with Spray foam insulation.

We will also be sealing off all of the hi-hats in the attic with metal duct and foam, and air-sealing the house to the best of our ability. We have done the ” Before” blower door readings, and will report back with the “afters” as soon as the project is complete. We feel that there will be significant descreases in energy consumption; come back and see!

posted by Joe Schwartz - J. Schwartz,llc at 4:50 pm  

Sunday, October 10, 2010

Energy Audits – A Proud Certified Member of the Building Performance Institute

Joe Schwartz is proud to be a member of the Building Performance Institute – (BPI), a group that sets the standard in Building Performance inspection, review and recommendation. Joe has recently become a certified Building Analyst and has the knowledge and equipment to perform complete Energy Audits on your home. This inspection includes Life, safety and Health inspections, as well as Blower Door Testing of the home.
J. Schwartz,llc offers Energy Audits as an integral part of any home renovation/remodel that we do; as well as stand-alone audits for anyone that would like to hire us to inspect their home.
The inspections will provide an in-depth analysis of the homes combustion appliances, electrical / fuel consumption, general electrical system safety, and it will show exactly how “leaky” the home is… with recommendations on how to make your home more energy efficient.

posted by Joe Schwartz - J. Schwartz,llc at 2:48 pm  

Wednesday, September 8, 2010

I hope this is not getting dull, but we just have to tell you…

The National Association of the Remodeling Industry (NARI), has awarded J. Schwartz,llc, in conjunction with JFA Architecture, PC a meritorious award for the best Kitchen remodel under $40,000Although it is always great to receive the awards that we have for projects with large budgets, this is an especially precious award because it shows that we can design and build a beautiful kitchen within a tight budget; which in some ways is even more challenging.
The kitchen includes new cabinets, counters, plumbing fixtures, and lighting; as well as handcrafted wainscot in the adjacent family room.

posted by Joe Schwartz - J. Schwartz,llc at 12:29 pm  

Wednesday, September 8, 2010

Another one! (AWARD, THAT IS…)

J. Schwartz,llc has recently been named a TOP 500 Remodeler for 2010 by Qualified Remodeler Magazine. This is the second year in a row that we have received this honor, and we plan on making this award a habit. The title of the Awards article is “TOP 500 REMODELERS STAY THE COURSE, Times may be difficult, but leaders demonstrate their resilience.”
We are once again honored, and look forward to reaching and surpassing the efforts and outcomes that allowed us this award.

posted by Joe Schwartz - J. Schwartz,llc at 12:16 pm  

Friday, June 11, 2010

Another View Into a Crystal Ball – Remodeling in General

How many homeowners have bought houses over the last 5-7 years and have said, “it’s fine for now, but later on we will (add/change/fix) that”?
It was an easy thing to do when money was cheap and everyone was happily employed and had a great outlook towards the future…
But what about now? Some may still be doing the same thing – especially those that are finding great deals, but most are not doing anything
J. Schwartz,llc is blessed to be very busy with some fantastic projects now – but we feel that we are in a special category with a great, loyal client base, and we offer a fantastic service and product most builders/remodelers are not. Most builders are slow, to say the least – and many are no longer with us. We find that many of our current projects (but certainly not all) are from those homeowners that bought a few years back with the wish of what they needed to change in their new home not too far from the front of their minds. For those that are able, now is the time that they needed to do their projects on the otherwise less-than-perfect home.
So as the inventory of homes that were bought with a not-to-distant to-do list get their facelifts/additions/renovations and the lists are completed, there will most likely be less of that kind of project available – which is unfortunate. It is unfortunate not only for those of us that excel in the process, but also for homeowners and the general appeal of our environment. It is often these projects that take an “old” house and turn it into a beautiful, alluring home that increases surrounding home values, and the general aesthetic of the neighborhood. They often start the snowball rolling and sometimes whole developments and neighborhoods are made better-than-new; and the entire area may even increase in value.
While J. Schwartz,llc is confident that we will be providing remodeling services well into the future because of our stature in the market, we feel that the overall genre may be on life support for some time.

posted by Joe Schwartz - J. Schwartz,llc at 6:00 am  
Next Page »

Powered by WordPress