RPGWatch Forums
Page 1 of 2 1 2

RPGWatch Forums (http://www.rpgwatch.com/forums/index.php)
-   News Comments (http://www.rpgwatch.com/forums/forumdisplay.php?f=10)
-   -   RPGWatch - Forums Hacked (http://www.rpgwatch.com/forums/showthread.php?t=11012)

Dhruin July 23rd, 2010 11:39

RPGWatch - Forums Hacked
 
Unfortunately our forums have been hacked - please bear with us until we can get them restored. Thanks to everyone who has written in or contacted us about the issue.
More information.

Thaurin July 23rd, 2010 11:39

I noticed. Apparently, they also thrashed the user accounts, because I couldn't log in any more. Stupid kids with a keyboard.

Alrik Fassbauer July 23rd, 2010 11:42

I bet it was soneone being angry that the infected ads have been turned off.

Myrthos July 23rd, 2010 11:56

The user accounts were not trashed. It was made impossible to login. See also here.

Davion July 23rd, 2010 12:02

"Stupid kids with a keyboard" sounds about right, considering the content of the message he left everywhere.

enodenroH July 23rd, 2010 13:59

I felt violated by this event even though I was not the one beeing attacked.
Glad everything's back to normal.

Anderson July 23rd, 2010 14:28

That was crazy. Glad you guys got it up and running again so quickly.

Thaurin July 23rd, 2010 14:31

Quote:

Originally Posted by Myrthos (Post 1061018671)
The user accounts were not trashed. It was made impossible to login. See also here.

Oh, okay. I thought I also saw duplicate usernames with silly names on the forums.

wolfing July 23rd, 2010 14:49

eh, what? didn't notice anything

Myrthos July 23rd, 2010 15:14

Quote:

Originally Posted by Thaurin (Post 1061018681)
Oh, okay. I thought I also saw duplicate usernames with silly names on the forums.

I should have used a couple of more words here :). It was made impossible to log in and the usernames might or might not have been changed. However as I re-installed a backup of some 10 hours before the hack all usernames were restored again (together with the rest). Some posts were lost in the process of course.

As to the reason for changing the password. The hacker got access to the admins interface by retrieving the username and password of an admin from the database. User passwords are not visible from the admins panel, but it is not entirely clear to me if the exploit also allows to access the credentials of other users.

Alrik Fassbauer July 23rd, 2010 15:23

Found something : http://www.h-online.com/open/news/it…n-1044462.html

figment July 23rd, 2010 16:02

Sounds like the exploit gave access credentials to the back-end database. So they could just change things directly like usernames and thread titles. However the passwords for users are salted and hashed on a per user basis which would make it nearly impossible to decrypt. Everyone should still change passwords though.

Omega July 23rd, 2010 16:10

Quote:

Originally Posted by Thaurin (Post 1061018681)
Oh, okay. I thought I also saw duplicate usernames with silly names on the forums.

I missed the hack, but I wonder what was there to see; it might give an insight in the motives.
So there were silly names? Anything else that indicated it was all about 'fun'?
Or is there a chance somebody was after e.g. email addresses?

GhanBuriGhan July 23rd, 2010 16:24

Quote:

Originally Posted by Omega (Post 1061018699)
I missed the hack, but I wonder what was there to see; it might give an insight in the motives.
So there were silly names? Anything else that indicated it was all about 'fun'?
Or is there a chance somebody was after e.g. email addresses?

Only thing I saw was a lot of references to bodily functions and products. I think we were blessed with a very mature hacker. Maybe someone here insulted some kid's favorite JRPG? ;)

Lemonhead July 23rd, 2010 16:41

Wasn't there also a lot of Star Trek references? Anyway, glad things are back to normal.

BTW, about 2 or 3 days ago when I visited rpgwatch.com I got a white screen with black text where it said somethign like: "Read install.txt". Can't remember the exact words but it was something like that. After refreshing the site a few times it was gone and things were back to normal. Would that possibly have anything to do with the hack?

July 23rd, 2010 17:09

Quote:

Originally Posted by Lemonhead (Post 1061018701)
Wasn't there also a lot of Star Trek references? …

Yes, and that was the worst part of it. Star Trek, huh? Gimme a break.

Star Wars on the other hand….

wolfing July 23rd, 2010 17:15

I wonder if this is one of the 7 (real) signs of the apocalypse:
- Mass Effectation of Dragon Age
- Hacking of RPGWatch
- X-Com being remade as a FPS
- …
- Release of Grimoire

Doesn't really matter what the other 3 conditions are, #7 has me totally unworried that it will happen during my lifetime

Lurking Grue July 23rd, 2010 18:42

Darn it, stupid kids with a keyboard, get off our lawn!

Glad to see things sorted out. I noticed that not just the forum, but also the main site was down several times during the last couple of days. Must've been part of this hack/attack, I take it.

Maylander July 23rd, 2010 20:05

Before the hacking was solved, our forums looked similar to an average day over at the Codex. I wouldn't be amazed if there was a connection..

GhanBuriGhan July 23rd, 2010 20:46

Quote:

Originally Posted by Maylander (Post 1061018720)
Before the hacking was solved, our forums looked similar to an average day over at the Codex. I wouldn't be amazed if there was a connection..

No proof = shut up. Let's not start a pissing contest again.


All times are GMT +2. The time now is 03:14.
Page 1 of 2 1 2

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Copyright by RPGWatch