RPGWatch - Forums Hacked

I bet it was soneone being angry that the infected ads have been turned off.
 
Joined
Nov 5, 2006
Messages
21,908
Location
Old Europe
The user accounts were not trashed. It was made impossible to login. See also here.
 
Joined
Aug 30, 2006
Messages
11,223
"Stupid kids with a keyboard" sounds about right, considering the content of the message he left everywhere.
 
Last edited:
Joined
Dec 30, 2009
Messages
257
Location
Belgium
That was crazy. Glad you guys got it up and running again so quickly.
 
Joined
Sep 6, 2009
Messages
884
Location
US
Oh, okay. I thought I also saw duplicate usernames with silly names on the forums.
I should have used a couple of more words here :). It was made impossible to log in and the usernames might or might not have been changed. However as I re-installed a backup of some 10 hours before the hack all usernames were restored again (together with the rest). Some posts were lost in the process of course.

As to the reason for changing the password. The hacker got access to the admins interface by retrieving the username and password of an admin from the database. User passwords are not visible from the admins panel, but it is not entirely clear to me if the exploit also allows to access the credentials of other users.
 
Joined
Aug 30, 2006
Messages
11,223
Sounds like the exploit gave access credentials to the back-end database. So they could just change things directly like usernames and thread titles. However the passwords for users are salted and hashed on a per user basis which would make it nearly impossible to decrypt. Everyone should still change passwords though.
 
Joined
Apr 23, 2010
Messages
688
Oh, okay. I thought I also saw duplicate usernames with silly names on the forums.

I missed the hack, but I wonder what was there to see; it might give an insight in the motives.
So there were silly names? Anything else that indicated it was all about 'fun'?
Or is there a chance somebody was after e.g. email addresses?
 
I missed the hack, but I wonder what was there to see; it might give an insight in the motives.
So there were silly names? Anything else that indicated it was all about 'fun'?
Or is there a chance somebody was after e.g. email addresses?

Only thing I saw was a lot of references to bodily functions and products. I think we were blessed with a very mature hacker. Maybe someone here insulted some kid's favorite JRPG? ;)
 
Joined
Oct 18, 2006
Messages
3,508
Wasn't there also a lot of Star Trek references? Anyway, glad things are back to normal.

BTW, about 2 or 3 days ago when I visited rpgwatch.com I got a white screen with black text where it said somethign like: "Read install.txt". Can't remember the exact words but it was something like that. After refreshing the site a few times it was gone and things were back to normal. Would that possibly have anything to do with the hack?
 
Joined
Jun 4, 2008
Messages
999
Location
The Great White North
I wonder if this is one of the 7 (real) signs of the apocalypse:
- Mass Effectation of Dragon Age
- Hacking of RPGWatch
- X-Com being remade as a FPS
- ...
- Release of Grimoire

Doesn't really matter what the other 3 conditions are, #7 has me totally unworried that it will happen during my lifetime
 
Joined
Sep 23, 2008
Messages
5,645
Location
Tardis
Darn it, stupid kids with a keyboard, get off our lawn!

Glad to see things sorted out. I noticed that not just the forum, but also the main site was down several times during the last couple of days. Must've been part of this hack/attack, I take it.
 
Joined
Jan 4, 2008
Messages
564
Location
I come from the land of ice and snow
Before the hacking was solved, our forums looked similar to an average day over at the Codex. I wouldn't be amazed if there was a connection..
 
Joined
Oct 18, 2006
Messages
7,583
Location
Bergen
Before the hacking was solved, our forums looked similar to an average day over at the Codex. I wouldn't be amazed if there was a connection..

No proof = shut up. Let's not start a pissing contest again.
 
Joined
Oct 18, 2006
Messages
3,508
Back
Top Bottom