Getting some better insight on Dorifel/XDocCrypt

Remember the outbreak of Dorifel and the Dorifel aftermatch ?

Robert Lipovsky, a malware researcher at ESET did some additional digging and found some interesting info with the following conclusion:

As has become common practice in the world of malware, the Win32/Quervar virus family implements several techniques, which have already been observed elsewhere. It is part of a bigger “operation”, forms a botnet, and is able to perform tasks sent from the C&C server, and to download and execute other malware. It is not unlikely that the virus botnet operator provides this as a service to other cyber criminals. Furthermore, as David Harley mentions, it has attracted the attention of telephone support scammers.


Link to the complete article


Sources (English)

Big Bro’s revenge: Revenge is a dish best served pink

I found this Dutch video on Youtube and think it’s hilarious
It’s about a big bro’s revenge after his little bro fraped his facebook
Guess what?!

Revenge is a dish best served pink!


On July 4th 2012 my fifteen year old brother completely changed my facebook wall. We decided to remodel his room and make it a little girls room.

Revenge is a dish best served pink. (little girl’s room)





As a big bro myself, I can only say this  🙂





Locked out after installing/upgrading Jetpack for WordPress – This was my fix


When you use WordPress, you will love Jetpack as plugin.



They like to say:

Jetpack supercharges your self-hosted WordPress site with the awesome cloud power of

..and I have to agree to that.


So.. I started to install Jetpack and after that activating it.. I got this error in my browser:

HTTP Error 500 (Internal Server Error) An unexpected condition was encountered while the server was attempting to fulfill the request

After this, I was locked out of the admin pages of WordPress?!


I can’t describe the emotions that flowed through my body, but if I have to it will be something like…    WTF?






So.. I grabbed some coffee to calm down and then used a SSH session (FTP will do too) and renamed “Jetpack” in WordPress’ plugin folder, used the “back” on my browser and clicked some menu link.. and I could use the admin pages again.

Of course I contacted WordPress/Jetpack Support and had a little e-mail discussion with a friendly support guy Jeremy.
I tried  to install Jetpack using different browers, using different operating systems, but.. no luck..

Now it got interesting!  I am no WordPress expert, but taming unwilling computers and programs is my job, I am.. a sysadmin!

I was glad that BlueHost (my hosting provider) allowed me to check the error log.. and look what I found:

PHP Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 122880 bytes)

The poor server just needed a little more memory for PHP to be able to host WordPress!

I edited “wp-settings.php” and put this line in it:

define(‘WP_MEORY_LIMIT’, ’64M’);


and that solve my problem!


..Jeremy, TY for your help! Hope this blog posting will help you too