Author Topic: Hacked again..  (Read 40626 times)

0 Members and 3 Guests are viewing this topic.

Offline goldshirt*9

  • Super Hero
  • *******
  • Posts: 7384
  • Gender: Male
  • Who yous looking ats
Re: Hacked again..
« Reply #45 on: February 08, 2013, 12:47:08 AM »
doesn't take alot these days to piss off Anonymous.
The standards of the hacker today have certainly dropped

Offline smokester

  • Administrator
  • Q
  • *
  • Posts: 15941
  • Gender: Male
  • Da mihi castitatem et continentiam, sed noli modo!
Re: Hacked again..
« Reply #46 on: February 08, 2013, 02:18:54 AM »
These days it seems to be all about "phishing". We have never had a hack from a bored, probably spotty, teen trying to hone his skills, nor have WikiLeaks made any attempt to out us.  What does happen every time one of my sites are hacked, is that bogus phishing pages and files are added in an attempt to defraud someone.

It's pretty futile to as these files are almost immediately picked up and either quarantined or the site disabled.
Don't put off until tomorrow, what you can put off until the day after.

There is an exception to every rule, apart from this one.

Offline 8ullfrog

  • Homo Superior
  • ******
  • Posts: 3245
Re: Hacked again..
« Reply #47 on: February 08, 2013, 02:29:32 AM »
Have you ever considered kicking off a new week/month/year by completely firebombing the database and starting from scratch? I always thought the demonoid fora could be improved by a short exposure to a black hole.

Offline smokester

  • Administrator
  • Q
  • *
  • Posts: 15941
  • Gender: Male
  • Da mihi castitatem et continentiam, sed noli modo!
Re: Hacked again..
« Reply #48 on: February 08, 2013, 02:40:53 AM »
The database is never touched.  What they seem to do is find a vulnerability that gets them FTP access and then they upload the files. 

There was one hack when all the index pages (SMF has a lot of them) had the code altered with a redirect script, but as some of the index pages were remote and only called back the main index, I presume this was also an automatic hack that just searched and altered all instances that it found.
Don't put off until tomorrow, what you can put off until the day after.

There is an exception to every rule, apart from this one.

Offline 8ullfrog

  • Homo Superior
  • ******
  • Posts: 3245
Re: Hacked again..
« Reply #49 on: February 08, 2013, 04:24:48 AM »
Any idea what makes them target this site specifically?

Offline smokester

  • Administrator
  • Q
  • *
  • Posts: 15941
  • Gender: Male
  • Da mihi castitatem et continentiam, sed noli modo!
Re: Hacked again..
« Reply #50 on: February 08, 2013, 03:05:17 PM »
Any idea what makes them target this site specifically?

I would guess that in part it may be the SMF installation as few, if any, versions have been bulletproof. It could also be that on paper it looks like we have a lot of traffic so if you are going to go phishing, you will need the phish. Lastly, you have to consider that dweez is a hacker-magnet.  He had signed up to be a chick-magnet but the ink ran.
Don't put off until tomorrow, what you can put off until the day after.

There is an exception to every rule, apart from this one.

Offline dweez

  • Global Moderator
  • Q
  • *
  • Posts: 11622
  • Gender: Male
  • Rebel Mod
Re: Hacked again..
« Reply #51 on: February 08, 2013, 10:29:39 PM »
Dang!



It's probably an automated thing.  Hacker runs a script and plugs in a range of IP addresses then walks away.  Script checks each IP to see if it's vulnerable to any of a number of exploits.  Script reports back to hacker, either when the scan is complete or as each vulnerable IP/server is found to let him/her know what it's vulnerable to.

The smart hackers do what's called a "slow scan".  It takes much longer but can help avoid "threshold" security on the server (server locks out offending IP and/or alerts the server owner if too many malicious looking "hits" occur during a pre-set up timeframe).
« Last Edit: February 09, 2013, 09:36:04 AM by dweez »
--dweez

Offline smokester

  • Administrator
  • Q
  • *
  • Posts: 15941
  • Gender: Male
  • Da mihi castitatem et continentiam, sed noli modo!
Re: Hacked again..
« Reply #52 on: February 09, 2013, 03:34:57 AM »
I'm confused now: where's the twitching eye?
Don't put off until tomorrow, what you can put off until the day after.

There is an exception to every rule, apart from this one.

Offline smokester

  • Administrator
  • Q
  • *
  • Posts: 15941
  • Gender: Male
  • Da mihi castitatem et continentiam, sed noli modo!
Re: Hacked again..
« Reply #53 on: February 15, 2013, 12:34:37 PM »
Sorry all. Had to work and then this one was difficult to remedy once I got home and started on it.

Must eat and bathe and will update later.
Don't put off until tomorrow, what you can put off until the day after.

There is an exception to every rule, apart from this one.

Offline 6pairsofshoes

  • Homo Superior
  • ******
  • Posts: 3761
Re: Hacked again..
« Reply #54 on: February 16, 2013, 12:16:20 AM »
encore une fois?

Offline bubu

  • Homo Erectus
  • **
  • Posts: 131
  • Gender: Female
Re: Hacked again..
« Reply #55 on: February 16, 2013, 02:37:04 AM »
Happy you are back  :)

Offline brickbatz

  • Cro-Magnon
  • ****
  • Posts: 803
  • Gender: Male
  • Politically Incorrect
Re: Hacked again..
« Reply #56 on: February 16, 2013, 06:45:03 AM »

Offline tarascon

  • Cro-Magnon
  • ****
  • Posts: 698
  • Gender: Male
  • Try again. Fail again. Fail better.
Re: Hacked again..
« Reply #57 on: February 16, 2013, 07:15:20 AM »
Thank you for the good work smokester. >bows<
Estragon: I can't go on like this.
Vladimir: That's what you think.

Offline Discover99

  • Cro-Magnon
  • ****
  • Posts: 693
  • Gender: Female
Re: Hacked again..
« Reply #58 on: February 16, 2013, 10:21:45 AM »

Offline smokester

  • Administrator
  • Q
  • *
  • Posts: 15941
  • Gender: Male
  • Da mihi castitatem et continentiam, sed noli modo!
Re: Hacked again..
« Reply #59 on: February 16, 2013, 01:15:57 PM »
encore une fois?

Yep, they were at it again.

Thank you for the good work smokester. >bows<

Thanks tarascon. 

I have taken some additional measures in an attempt to stop this happening again.  I'm not entirely sure why we have had such interest recently when we have gone years without a squeak. 

Keeps it interesting I suppose.
Don't put off until tomorrow, what you can put off until the day after.

There is an exception to every rule, apart from this one.