Don't you just love hackers...?
polycounter lvl 18
So I wake up this morning, and find the main OverDose site has been deleted from the FTP, and in its place theres a .sql exploit file, as well as loads of other ShellBOT files and phpbb exploit files all over the site... Thankfully, only the main OverDose site has been deleted, and the forums, Blur site and other little things (Like my portfolio etc) are still ok...
But I have to say, I'm slightly vexed... Its not that it wasn't backed up, because it is, its just that now I'll have to install the damn thing again, and its not a quick 10minute job either... Whats the chance on the main hosting saving snapshots of the FTP so they can replace the dir?
Why are people so pathetic they have to hack something for no reason at all? Ugh... Really grinds my gears...
Anybody else had any trouble with dirty hackers...?
But I have to say, I'm slightly vexed... Its not that it wasn't backed up, because it is, its just that now I'll have to install the damn thing again, and its not a quick 10minute job either... Whats the chance on the main hosting saving snapshots of the FTP so they can replace the dir?
Why are people so pathetic they have to hack something for no reason at all? Ugh... Really grinds my gears...
Anybody else had any trouble with dirty hackers...?
Replies
I guess their hack tries to serve a purpose and earn the hacker some click thru money. Hacks like the one you've received, really piss me off, because as you mentioned, it serves no purpose other than to destroy shit on the net.
odium: I really don't understand the point of hacking a random site and deleting everything just for the fun of it. I mean what if you get caught? I guess they think something like that is worth going to jail for.
The only experience I've had was in WOW where some gold seller hacked my account and got it suspended. Thankfully they helped me get the stuff back and reactivated my account.
Theres a blog article here: http://dagblog.com/humor-satire/who-hijacked-yahoo-mail-3151 which goes over the Yahoo mail thing with some lengthy comments which make interesting reading.
I would really like to just stop using Yahoo mail and transfer over to GMail or similar but this seems like a lot of hassle to update everything/ everybody to use a new ail address.
What version and type of forum sotfware were you using? THere was a recent exploit published earlier this month that required all Vbullitens of a certain version to upgrade ASAP. In fact I would question was all your php and such up to date with security patches. Finally. You hopefully arent using a Windows server, and FTP is too insecure for most things.
If your Yahoo uses POP3 you can make Gmail pickup your mail from the Yahoo Box.
I switched a while back, sent out emails to my contacts alerting them of the change and any stray emails going to my old account get spam filtered and arrive in my mailbox courtesy of Google.
My recommendation to everyone so far, has been to change their password and it seems to resolve it. My brother was too lazy to change his the first time I mentioned it, and thought everything was good because it seemed to have stopped. Then, a month later, it started sending the spam emails again. He finally changed his password, and the problem went away.
I have a theory, that the hacker is maybe getting into your cookies, and finding one that stores a yahoo email and password. Then, it goes to yahoo and tests the same password. Since most people use the same password for other sites, as they do for email, it probably works.
*crosses fingers* This has never happened to my yahoo account, but I use a very unique password for my email accounts, that I don't use on any other site. So, for instance, if polycount used my email addy as a login, and had my password as part of a cookie, a hacker would not be able to use my password here to get into my yahoo account.
I thought Yahoo stopped allowing pop3 with their free accounts?
and i learnt its totally easy to hack some sites, especially phpbb based forums
just sql inject something into the logon screen and your in the admin panel and can destroy everything
my recomendations:
use safe passwords, and (since one usually uses the same pwds ovber and over)
dont use them passwords assigned to importand things in social networks
since facebook and myspace is also very hackable (simple cross site script in user content is able to send the cookies to the attackers computer)
allowing him to using your account,
them big bot networks are only there for money, the people behind it usually get paid
for sending mass spam
and deletion of stuff is usually some frustraded hacker kiddie trying to be awesome
"You just need a terminal to hack into the mainframe through the backdoor"
"I don't get it, I thought you said you where a programmer? Why can't you re-target Chinese ICBM's to obliterate Russia using my Commodore 64!?"
It's that simple...
but hacking together a gui in visual basic after someone postet at a forum or something that doesnt log, is totally worthless, i would fire that chick, immediately
proper way is getting the date of the post (usually year month day hour secons) and then you ask the provider for the log opf that specific second , and then you filter them postrequests that contains the text and then you can see the ip, but what now?
i would say i get to know which telephone company owns the ip , and ask him who logged in under that ip in that time, and gotcha
but that all would require data retention, and around here (germany) its illegal:D
a gui INTERFACE!
GENIUS!
wonder what that would look like..man an interface for the interface. MINDFUCK!
one calls that "proxy"
sometimes theres also the decorator pattern thats usually an interface for an interface too
I wake up this morning to find the entire site is still there, but down...
It seems that this time, the hackers deleted every single .SQL database we used. That means our forums, our main site AND our developer SDK and wiki (A whole site made JUST for helping people) are all gone, because the data was deleted...
Also, the only page that still works is the main Team Blur Games homepage because its made in shitty html as a base... but oddly enough every page works fine... Except the "projects" page which links to OverDose, which was deleted...
So it looks like we were right, some Killing Floor fan has hacked us AGAIN, just for kicks, and to be honest I'm getting tired of it. It's made me decide to stand down as lead artist on the project and also take all my work with me. Its just utterly childish that people have to stoop to such retarded levels.
Now I realise I don't have all the information (what's going on between you and Killing Floor fans, for instance), so feel free to clue me in, but right now it looks a lot like 'I'm leaving and I'm taking my ball!'
I have no sympathy for you if in fact if you were in charge of the site if you did nothing to prevent this after the first attack, nor if this was maintained by another and you failed to stress updating security implementations. You speak of childishness yet how are you not acting like one by leaving?
If you did however and you were ignored. I can see leaving. Not because of the hackers, but because your fellows took so little value in your opinion or were too lazy to actually do something about the issue.