Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Yes, passwords are one-way hash encrypted with salt.
From the activity I've examined in the logs, it seems that the intent was solely to spam the site via links and auto-redirects. It doesn't seem to be malicious (if you can consider spam to be non-malicious )
I did actually manage to talk to the hacker in the chatroom (verified by IP address in the logs), and he explained he was being paid to hack forum sites for spam. From what I've seen of his activity, I believe him.
So, while passwords are encrypted and in that regard access to the database is largely useless to anyone - to be safe, if you are silly enough to be using the same password on the forum as you use for other critical sites, I suggest you go and change your passwords, just to be sure! In general, I don't think there's much reason to be concerned.
Either way, I will be making some changes to the site - including accelerating the timetable for migration to the new forum software (XenForo). I may also move the site to a new server which I'm hoping with mitigate some more risk of future problems.
Sorry for the extended outage again today - I needed to check a few more things, and fixing a broken site while looking after a sick 3yo is quite a challenge
Thanks for fixing the forum so quickly SIM now you have the hackers IP and know who the hacker is hopefully they cause no more issues.
Pretty lame hack to spam a property forum with weight loss.
haha when I poked my head in earlier today there was a user in there called theHacker, I thought it was just a joke by someone!I did actually manage to talk to the hacker in the chatroom (verified by IP address in the logs), and he explained he was being paid to hack forum sites for spam. From what I've seen of his activity, I believe him.
Hacker came to the chatroom? That is interesting.I did actually manage to talk to the hacker in the chatroom (verified by IP address in the logs), and he explained he was being paid to hack forum sites for spam. From what I've seen of his activity, I believe him.
haha when I poked my head in earlier today there was a user in there called theHacker, I thought it was just a joke by someone!
What reason would he have to come back and chat with you about it? Seems bizarre.
When I visited Somersoft around lunchtime yesterday you didn't even have to click a link, once you opened a thread the browser was redirecting the browser to the site...Ha, that's funny. A bit sad that he gets paid to spam forums, when most of the folks on here would be too clever to fall for those spam links...
When I visited Somersoft around lunchtime yesterday you didn't even have to click a link, once you opened a thread the browser was redirecting the browser to the site...
I interrupted him mid-hack
Sim- did you keep a transcript of the chat with the hacker? What country was his IP from?
I would bet the IP goes back to some a VS or DS in a hosting rack using running some scripts setup for that purpose setup last week with a stolen CC.
my vB 3.6.8 site keeps reporting database errors but no spam injections so far it seems.