PDA

View Full Version : WE'VE BEEN HACKED!!!



OverkillZJ
05-10-2005, 01:44 AM
That’s right, I, the resident computer security whore neglected to update the phpBB software (for the last 7 versions) and so we got HACKED. I’m a great example of what NOT to do. The problem is I already invest too much time into this site, and a new security hole that needs patching is found in this crappy free BB software almost weekly, it’s hard to keep up with.

Regardless, my apologies for the downtime that the site saw (even though it was fixed in 1.5 hours). The hacker made use of a MySQL vulnerability that allowed him to log in under Dave’s (BigDaveZJ) username and post a few “hacked” notices as well as change some forum permissions to “private”. I banned Dave’s name (that was fun) assuming that’s the only name he had access to at first while I figured out what happened, then pulled the board down for about an hour for a much needed upgrade.

We’re now up to the most recent version (released a few days ago) and I will continue updating it as I’ve learned there’s people bored enough to hack a site that’s just a bunch of wheelers’ bullshitting. Man, the world is full of jackasses.

Do you want to really help prevent this from happening again? BUY SOME STICKERS! SERIOUSLY! There’s a for sale thread in the “Vendor’s Marketplace” forum. That money doesn’t go into our pockets, it goes towards buying some software to run this site that doesn’t SUCK and isn’t quite as vulnerable to hacks such as this (which any script kiddy can run.)

I’m going to head to bed now for some much needed rest, like I was about to do before receiving several IM’s saying WTF!

I have a real job in the morning, crap.

-Matt


EDIT: All users will have to log in again :finga:
If you forget your password, email Dave and I at admin@mallcrawlin.com so we can reset it for you.

BigDaveZJ
05-10-2005, 01:46 AM
English translation: someone broke shit, Matt fixed it, buy stickers so Matt doesn't have to fix shit so much.


:finga:

Cue-Ball
05-10-2005, 01:54 AM
Will be sending money your way tomorrow.

BigDaveZJ
05-10-2005, 09:07 AM
Also guys, the hacker fucked with some of the permissions settings for the site, I know I got quite a few IM's from a lot of people last night about problems with that.

If you notice something that still seems out of wack, LET US KNOW!! A lot of the permissions stuff is transparent for Matt and I since with our admin controls we see all, so we could use your guys help in just letting us know if you spot a problem. Thanks!!