This is a bit lengthy, but it’s VERY IMPORTANT, so please read if you visited Daiyamanga between late March 2019 and May 27, 2019.
So today renxkyoko informed me that she had repeatedly tried to post a comment on a post but couldn’t. So I decided to try posting some test comments of my own. I have had issues the past couple of weeks where a spambot has been trying to post junk links, so I thought it was possible that perhaps the couple of keywords I was using to block them were affecting her comments.
But as I was fake commenting here, I noticed something odd: my pop-up blocker went into effect. “That’s strange,” I thought. After all, Daiyamanga is ad-free. I can’t guarantee it will always be that way, but I digress. But maybe I had just clicked on something odd while I was accessing Daiyamanga, because I suddenly found myself at Yahoo.
Unfortunately, that wasn’t the case. Links like this one were automatically being generated on my site:
It turns out that a plug-in that I had installed here had an exploit that scummy hackers took advantage of to launch an XSS redirect attack. Upon loading Daiyamanga or other sites with this plug-in installed, there would be a pop-up and/or the first link clicked would send users elsewhere. These include “you have been affected by a virus”-type sites or try to install something on your computer. Reports came out as early as the end of March, but the story was really picked up in mid April. But I had no idea until today. I don’t know if I’ve been subjecting you, my dear visitors, since then or if it only started recently. I didn’t get a message or anything, it didn’t affect me when I viewed my blog, and while I do try to select highly rated plug-ins and keep them updated, I don’t follow WordPress tips/warning sites. I guess I better. Regardless, please accept my deepest apologies.
I hope none of you have fallen for these scammers’ malicious tricks. If you have clicked on any suspicious links or downloaded something right after visiting Daiyamanga, immediately start running a virus/malware/spyware scan and change passwords. Even if you haven’t, I strongly urge that anyone who has visited Daiyamanga since March run a scan if you haven’t recently. You may want to cookies and/or history, particularly if you have any from getalinkandshare.com. Changing passwords never hurts, but again, run scans first.
The plug-in has been disabled and removed of course, and I have installed protection that should hopefully prevent anything like this from happening in the future. I do not store any information here, so none of your personal information should be affected if you follow/like/comment here. Although I visit many of your blogs, there shouldn’t be anything from me commenting or liking your posts. A lot of you probably read my blog through the WordPress.com Reader, so that could be a reason why it escaped attention for so long. It also didn’t happen the one or two times I tried on my iPad, so perhaps it affected computers only?
If anybody has any information on this or any other odd behavior here, please let me (and others!) know by posting a comment or emailing me. If you have any other questions or just want to yell at me, you can do that too.