On the afternoon of July 5, 2016, a mysterious directory called vltov1 appeared in the filesystem of my web server. A few files on my site changed, and soon my blog crashed, due to changes I’d made in the database structure.
Something connected to this vltov1 was trying to hack my site further, but had made some assumptions based on me running WordPress that happened to be wrong.
As best I can tell, it’s some type of music distribution network. I don’t recommend downloading anything from them, because if they’re willing to hack me, they’re willing to hack people who download music from them too. But I’m getting ahead of myself.
Once I got back online, I installed a plugin to handle redirection rather than using Apache’s .htaccess file. It’s easier to find .htaccess than my database. This ended up being a happy accident.
I soon found incoming traffic attempting to access an obsolete WordPress plugin I had been running called Sociable. Thankfully I had replaced its functionality with Jetpack when I rebuilt, or I would have been hacked again. I also found hundreds of attempts to connect to that mysterious subdirectory called vltov1.
Last week when I searched on that term, I found a half dozen sites that Google warned me appeared to be hacked. This week when I searched, I found people linking to music videos. A lot of people linking to music videos.
So it appears that vltov1 is some kind of illicit music distribution network.
I have no problem with music, but this is my server and my Internet connection. Vltov1 can’t have it. Had they asked politely, I likely would have been willing to donate some space and bandwidth. But they didn’t ask, so the answer is no.
If you’re looking for music, I recommend you get it from a network that pays its own bills, rather than stealing capacity from others, and potentially wrecking their web sites in the process. I like business and commerce. But what vltov1 is doing is theft. I don’t know if they’re paying their artists or not, but stealing a distribution network is wrong.
And not everyone who falls victim to vltov1 has the means to recover afterward.
Besides that, it’s not difficult to infect music and video files with malicious software. I’m not saying vltov1 does, but based on their continued attempts to hack me, it wouldn’t surprise me at all if they’re trying to hack you too.