Somersoft Hacked?
- Thread starter HomeBuyAU
- Start date
Sim
Administrator
Yes, passwords are one-way hash encrypted with salt.
From the activity I've examined in the logs, it seems that the intent was solely to spam the site via links and auto-redirects. It doesn't seem to be malicious (if you can consider spam to be non-malicious
)
I did actually manage to talk to the hacker in the chatroom (verified by IP address in the logs), and he explained he was being paid to hack forum sites for spam. From what I've seen of his activity, I believe him.
So, while passwords are encrypted and in that regard access to the database is largely useless to anyone - to be safe, if you are silly enough to be using the same password on the forum as you use for other critical sites, I suggest you go and change your passwords, just to be sure! In general, I don't think there's much reason to be concerned.
Either way, I will be making some changes to the site - including accelerating the timetable for migration to the new forum software (XenForo). I may also move the site to a new server which I'm hoping with mitigate some more risk of future problems.
Sorry for the extended outage again today - I needed to check a few more things, and fixing a broken site while looking after a sick 3yo is quite a challenge
From the activity I've examined in the logs, it seems that the intent was solely to spam the site via links and auto-redirects. It doesn't seem to be malicious (if you can consider spam to be non-malicious
)I did actually manage to talk to the hacker in the chatroom (verified by IP address in the logs), and he explained he was being paid to hack forum sites for spam. From what I've seen of his activity, I believe him.
So, while passwords are encrypted and in that regard access to the database is largely useless to anyone - to be safe, if you are silly enough to be using the same password on the forum as you use for other critical sites, I suggest you go and change your passwords, just to be sure! In general, I don't think there's much reason to be concerned.
Either way, I will be making some changes to the site - including accelerating the timetable for migration to the new forum software (XenForo). I may also move the site to a new server which I'm hoping with mitigate some more risk of future problems.
Sorry for the extended outage again today - I needed to check a few more things, and fixing a broken site while looking after a sick 3yo is quite a challenge
Yes, passwords are one-way hash encrypted with salt.
From the activity I've examined in the logs, it seems that the intent was solely to spam the site via links and auto-redirects. It doesn't seem to be malicious (if you can consider spam to be non-malicious
I did actually manage to talk to the hacker in the chatroom (verified by IP address in the logs), and he explained he was being paid to hack forum sites for spam. From what I've seen of his activity, I believe him.
So, while passwords are encrypted and in that regard access to the database is largely useless to anyone - to be safe, if you are silly enough to be using the same password on the forum as you use for other critical sites, I suggest you go and change your passwords, just to be sure! In general, I don't think there's much reason to be concerned.
Either way, I will be making some changes to the site - including accelerating the timetable for migration to the new forum software (XenForo). I may also move the site to a new server which I'm hoping with mitigate some more risk of future problems.
Sorry for the extended outage again today - I needed to check a few more things, and fixing a broken site while looking after a sick 3yo is quite a challenge
Thanks for fixing the forum so quickly SIM now you have the hackers IP and know who the hacker is hopefully they cause no more issues.
Pretty lame hack to spam a property forum with weight loss.
Bad spellers!
Sim
Administrator
No that one was a joke - the hacker has a random username as generated by the chatroom software.
The only reason he was in there was that I interrupted him mid-hack when I turned the site off ... he was redirected to the chatroom along with everyone else.
When I visited Somersoft around lunchtime yesterday you didn't even have to click a link, once you opened a thread the browser was redirecting the browser to the site...
Sim
Administrator
Yup, it's called a JavaScript redirect - tells the browser to do something automatically.
Sim
Administrator
It was a VPN ... so I can't tell.
Nobody in their right mind would attempt to hack a site using their own IP address
I would bet the IP goes back to some a VS or DS in a hosting rack using running some scripts setup for that purpose setup last week with a stolen CC.
my vB 3.6.8 site keeps reporting database errors but no spam injections so far it seems.
my vB 3.6.8 site keeps reporting database errors but no spam injections so far it seems.
I have no idea what you just said.
oh ok.
Ego bet in IP vadit ad quidam a VS vel DS in a Hosting eculeo usura currit quidam scriptor setup id setup ultima septimana cum rapto CC.
mea VB 3.6.8 site tenet nuntiantes database errores non spam injections ita videtur.
Ego bet in IP vadit ad quidam a VS vel DS in a Hosting eculeo usura currit quidam scriptor setup id setup ultima septimana cum rapto CC.
mea VB 3.6.8 site tenet nuntiantes database errores non spam injections ita videtur.
