IMPORTANT - Forums compromised, please change your password
Moderator:Moderators
- marshallh
- Moderator
- Posts:2986
- Joined:Sat Sep 10, 2005 2:17 pm
- 360 GamerTag:marshallh
- Location:here and there
- Contact:
This evening the forums were compromised for a short time. We caught it fairly quickly and have reversed all known damage.
The passwords in phpbb are stored in a hashed form and we cannot see any password traps, however it is a good idea to change your password now, and if you used the same password on any other sites, to change those as well.
Please post here if you see anything unusual or missing posts, etc.
Thanks for your understanding
The passwords in phpbb are stored in a hashed form and we cannot see any password traps, however it is a good idea to change your password now, and if you used the same password on any other sites, to change those as well.
Please post here if you see anything unusual or missing posts, etc.
Thanks for your understanding
- lifeisbetterwithketchup
- Senior Member
- Posts:2180
- Joined:Fri Jul 21, 2006 12:08 pm
- Steam ID:lifeisbetterwithketchup
- Location:Illinois. Whee.
- Contact:
Re: IMPORTANT - Forums compromised, please change your password
Thanks for the update.
Kudos to the mods; acted nice and fast on this mess.
Kudos to the mods; acted nice and fast on this mess.
Rekarp wrote:Cause I am Abe F#!@ing Lincoln.mako321 wrote:What makes you head ninja, anyways?
Re: IMPORTANT - Forums compromised, please change your password
Any idea who the culprit is?
- Triton
- Moderator
- Posts:7397
- Joined:Mon May 24, 2004 12:33 pm
- 360 GamerTag:triton199
- Steam ID:triton199
- Location:Iowa
- Contact:
Re: IMPORTANT - Forums compromised, please change your password
we're currently gathering as much info as we can about the situation. All we can say right now is we are working on it
Visit us at Portablesofdoom.org
- lifeisbetterwithketchup
- Senior Member
- Posts:2180
- Joined:Fri Jul 21, 2006 12:08 pm
- Steam ID:lifeisbetterwithketchup
- Location:Illinois. Whee.
- Contact:
Re: IMPORTANT - Forums compromised, please change your password
Triton wrote:we're currently gathering as much info as we can about the situation. All we can say right now is we are working on it
Rekarp wrote:Cause I am Abe F#!@ing Lincoln.mako321 wrote:What makes you head ninja, anyways?
Re: IMPORTANT - Forums compromised, please change your password
I am having a problem marshall. I had to make a new account with the same name but different email address. All my post are gone is there any way I can get them back?
- Basement_Modder
- Portablizer
- Posts:962
- Joined:Sun Aug 24, 2008 7:16 am
- Location:Next door to my neighbor
- Contact:
Re: IMPORTANT - Forums compromised, please change your password
I flipped yesterday when I tried to log in and it said I was IP banned, lol.
I knew something was up when I changed my static and dynamic IP, then even went on my neighbor's wifi and I was still IP banned. :/
I'm glad the admin team is as good as it is.
I knew something was up when I changed my static and dynamic IP, then even went on my neighbor's wifi and I was still IP banned. :/
I'm glad the admin team is as good as it is.
Cheers,
Basement_Modder
_________________
Basement_Modder
_________________
- bicostp
- Moderator
- Posts:10491
- Joined:Mon Mar 07, 2005 5:47 pm
- Steam ID:bicostp
- Location:Spamalot
- Contact:
Quite frankly
There has been some concern regarding the security of the forums. I want to make it perfectly clear that this forum is as secure as any other forum running on the phpbb forum engine. It was an exploit in phpbb, not anything specific to this individual server, that allowed this to happen.
None of the phpbb engine files on the server appeared to be modified, but fresh copies of several files (from phpbb.com) were uploaded just in case.
It appears the script was only after administrator accounts (normal accounts aren't any good for seriously messing a forum up), so you shouldn't see any suspicious activity on your own accounts. However, that doesn't necessarily mean the script didn't log your old password. If you change it now, it will not be skimmed.
Also don't forget that it is highly likely that Modretro was hit by the exact same attack as this forum was, and they also run phpbb. (Remember, both exhibited the exact same "multiple failed logins on every account" issue almost simultaneously.) Change your password on both sites and you won't have anything to worry about.
None of the phpbb engine files on the server appeared to be modified, but fresh copies of several files (from phpbb.com) were uploaded just in case.
It appears the script was only after administrator accounts (normal accounts aren't any good for seriously messing a forum up), so you shouldn't see any suspicious activity on your own accounts. However, that doesn't necessarily mean the script didn't log your old password. If you change it now, it will not be skimmed.
Also don't forget that it is highly likely that Modretro was hit by the exact same attack as this forum was, and they also run phpbb. (Remember, both exhibited the exact same "multiple failed logins on every account" issue almost simultaneously.) Change your password on both sites and you won't have anything to worry about.
Twitter
http://www.pcwgaming.com" onclick="window.open(this.href);return false;
If you want a Dropbox account, please use my referral link
http://www.pcwgaming.com" onclick="window.open(this.href);return false;
If you want a Dropbox account, please use my referral link
- Basement_Modder
- Portablizer
- Posts:962
- Joined:Sun Aug 24, 2008 7:16 am
- Location:Next door to my neighbor
- Contact:
Re: IMPORTANT - Forums compromised, please change your password
MrAfterFx wrote:I am having a problem marshall. I had to make a new account with the same name but different email address. All my post are gone is there any way I can get them back?
Quoted to aid admins in seeing this small post.
Cheers,
Basement_Modder
_________________
Basement_Modder
_________________
- bicostp
- Moderator
- Posts:10491
- Joined:Mon Mar 07, 2005 5:47 pm
- Steam ID:bicostp
- Location:Spamalot
- Contact:
Re: IMPORTANT - Forums compromised, please change your password
MrAfterFx, unfortunately the hacker deleted your account and there is no way to restore it from the phpbb admin panel. (Several other accounts were deleted as well.) It is theoretically possible to take your posts from the most recent backup and inject them back into the live database, but I don't know when the last backup was made and that is something that has to be handled through cPanel.
Twitter
http://www.pcwgaming.com" onclick="window.open(this.href);return false;
If you want a Dropbox account, please use my referral link
http://www.pcwgaming.com" onclick="window.open(this.href);return false;
If you want a Dropbox account, please use my referral link
Re: IMPORTANT - Forums compromised, please change your password
No problem BicoSTP! It doesn't bother me all to much and I am glad I could make my account again before someone made another under my name. When the site went down it almost looked like a ddos injection (Denial if System Operations Attack). PM me if you need some security ideas for phpbb. I might be able to help if you want!
-
- Senior Member
- Posts:1911
- Joined:Tue Mar 29, 2005 12:39 pm
- PSN Username:Denki_no_Ame
- Location:What's it to you? Stalker...
- Contact:
Re: IMPORTANT - Forums compromised, please change your password
Just as long as they didn't start posting under my name making it look like I came back to the forums or something after all this time...
Wait...
Damn.
Wait...
Damn.
Re: IMPORTANT - Forums compromised, please change your password
Electric Rain wrote:Just as long as they didn't start posting under my name making it look like I came back to the forums or something after all this time...
Wait...
Damn.
:jawdrop:
-
- Senior Member
- Posts:1911
- Joined:Tue Mar 29, 2005 12:39 pm
- PSN Username:Denki_no_Ame
- Location:What's it to you? Stalker...
- Contact:
Re: IMPORTANT - Forums compromised, please change your password
Hah... don't get excited or anything. I not coming back. XD I'm in college now! No time for the forums. >.< But that excuse only applies for the past three weeks. I have no excuses for the past... two years? Or something? ^-^'Tchay wrote:Electric Rain wrote:Just as long as they didn't start posting under my name making it look like I came back to the forums or something after all this time...
Wait...
Damn.
:jawdrop:
- ShockSlayer
- Niblet 64
- Posts:5059
- Joined:Thu Jun 29, 2006 12:47 pm
- Location:In my inbox.
Re: IMPORTANT - Forums compromised, please change your password
Electric Rain. I remember that guy. Was pretty cool. PUNCH HIM.
http://twitter.com/ShockSlayer" onclick="window.open(this.href);return false;