my recent conversation with zac o. at cshelpdesk.net went something like this:
me: my account has been hacked
zac: it’s your fault
me: no, it’s not, see? evidence…
zac: you don’t understand. it’s still your fault
me: yes i do, and no, it’s not. see? more, different evidence…
zac: <IP block my access> (that’ll shut him up)
yeah, it will shut me up temporarily (my most recent communication with zac was yesterday at 2:00 pm, my most recent communication with nathan was at 9:57 am this morning, and now, at 3:00 pm, i still can’t access cshelpdesk.net), but in the long run, you’re going to be the one that suffers because of your interaction with me.
at least they’re not demanding more money from me… 8/
that’s <A2RGH> for you purists out there…
but yes, aargh. i discovered that my entire site had the .php files appended with the code i discovered the other day, not just my wordpress installation.
furthermore, although tech support has no evidence of a hack and says it was that way when i uploaded it, i checked my backup from last month and there were no modifications to any of the files a month ago.
[EDIT] after having been confronted with evidence (the backup that wasn’t modified) they claim to have found evidence of an account breach on 23 august, and recommended that i change my password… duh… 8/
[FURTHER EDIT] it turns out that the “evidence” was a known (to me) IP address, logging in to check their mail. however, i did find another IP address from renton logged in as root on the 20th and 21st of august, and when i suggested that someone had the root password, suddenly all the servers wend down and just recently came back up… all of them except the tech support site… very interesting…
i actually was IP blocked from cshelpdesk dot net!
in spite of the fact that Thecrazedking@aol.com (who is undoubtedly nathan oulman, or one of his minions) said “we dont block anyone from anything” (his exact words), according to tech support goon “Zac O.”, “Your IP was blocked by the servers firewall. This has been unblocked and you can now access the server again.” apparently their server is set to block the IP address of a customer attempting to log in “incorrectly” (whatever that means, nobody has told me yet). it’s very definitely not an using an incorrect username or password, because i allow the browser to remember all of that stuff because i know how clumsy my fingers are, but nobody has seen fit to tell me what it is, other than “incorrect login attempts”.
not only that, but i’ve had to reprimand the tech support goon no less than three times this morning, for closing my issue without answering my question. the little weasel is not going to get out of this without giving me some answers. 8/
at this point, it’s not anywhere near as bad as it was yesterday, but still, i’m thinking very strongly about switching host providers again when my contract expires.