Sign in Subscribe
Look who decided to stop illegally mining cryptocurrency and start being a website again!

Look who decided to stop illegally mining cryptocurrency and start being a website again!

I have what might be an unhealthy comfort level with taking on computer projects that are way over my head, and this site was no exception.

begin computer ramble, skip ahead if you just want to hear the illicit crypto mining part

When I started my blog, I knew I wanted to self-host so I could own all my content and not be at the whim of WordPress or whatever other managed hosting service. I did some research and landed on Ghost, and found a YouTube tutorial showing how you can effectively host a Ghost blog for free on Google Cloud (thanks to the $300 in credits they gift you upon signup).

This setup, for anyone curious, was something like:

VM on Google Cloud – managed via CyberPanel – running a Docker container, which hosted the Ghost install

It was kind of janky from the get-go, and near impossible to troubleshoot, but it worked. (until it didn't.)

end computer ramble

One day, I got an automated email from Google Cloud being like "hey, cut it out with the illegal crypto mining!" They temporarily disabled my VM, and every time I tried to start it back up to access the console, it would immediately get shut down.

I appealed the warning, being like "hey i'm just a little guy, I'm not mining cryptocurrency! I don't know how to mine cryptocurrency even if I wanted to! I barely know how to use a computer, I am just trying to host my little hiking blog! I only have 2 subscribers!" Google was like "I'm not reading all that, you are responsible for making sure not to mine crypto using our services."

I assumed this was some kind of misconfiguration or error on my part – my little vm getting hacked to mine crypto sounded too goofy to be true. However, I did a little more research, and found other people talking about their vms getting cryptojacked as well.

I looked into it further, and (I'll let the very smart computer guy explain) https://www.schneier.com/blog/archives/2024/10/perfectl-malware.html

It felt weirdly flattering, getting taken down by a sophisticated and not-yet-fully-understood piece of malware, possibly by a malevolent nation-state, because I had kind of assumed that it was going to be like oh, your vm has "Guy Who's Bad At Setting Up Servers Disorder".

ANYWAY,

After a couple of months of on and off poking at the problem with a stick (and lots of guidance from my very patient partner), I finally got it back up. It was a massive pain in the ass. I had to extract all of my data from my compromised vm, and kind of manually patch it into a fresh install of Ghost. Had to learn how databases work and everything.

Now I am running the site on a Droplet on DigitalOcean, which has built-in support for Ghost and which I'd actually recommend to anyone wanting to self-host. So far so good. The fact that I'm writing this post means that as of right now, my website is not currently mining cryptocurrency.

So I've got that going for me, which is nice! Anyway,

I'll be back soon to post some pics from some of my excursions and projects from the several weeks when my website was busy doing financial crimes.