House Minority Leader Lawrence Cafero said that when Republican staffers discovered their caucus blog had a rootkit virus, they tried to handle it in the least “invasive” way possible, but they realized they could not do that so they had to take it down.
“We haven’t determined the mechanism how, but we want to put out the word to everyone that we have a virus,” Cafero said Friday when asked about the problem.
The site is currently down and it’s unclear at the moment when it will go back up.
In the meantime, Cafero said his staff is taking every precaution and working with the web server company, Lunar Pages of California, to make sure the virus is gone before the site goes live again. They have also hired a third party to take a look at the site before it goes live again.
A rootkit virus, which is extremely dangerous and can go undetected, is a malicious software virus that likely crept into the system through the installation of separate WordPress sites for each of the lawmakers. Each of those sites then became an access point for malicious software or spybots to enter the system.
“Because rootkits are activated before your operating system even boots up, they are very difficult to detect and therefore provide a powerful way for attackers to access and use the targeted computer without the owner’s notice,“ the site PCTools says. “Due to the way rootkits are used and installed, they are notoriously difficult to remove. Rootkits today usually are not used to gain elevated access, but instead are used to mask malware payloads more effectively.”
In order to get rid of a rootkit virus you can visit this website and run their free software program.
Republicans are now using a newer, multi-user version of WordPress that allows all of its sites to be hosted from one installation of the free software program. They expect this will resolve the problems.
In the meantime, Republicans included the url for the site in several mailings to constituents and it’s unclear how many may have used the mailing as an invitation to visit the website and learn more about their lawmakers.
At least one constituent contacted CTNewsJunkie to let us know they had been infected twice over the past few weeks as they sought to learn more about their lawmakers.
It’s also unclear how many computers inside the Capitol may be infected with the virus. Cafero said they can’t answer that question yet, but are working on it and will let everyone know once they have more information.
But as of Sunday evening there hadn’t even been a press release on the issue.