PDA

View Full Version : Details of the Outage.



Bourne
08-30-2013, 05:28 AM
Yes, MTF was hacked.

What it was:
It was an automated script that modified two core website files. We had the problem identified and fixed within a few minutes of the attack. It was sophisticated in the way it infiltrated our forum, but it was not extensive in what it modified.
Essentially, it swapped the content of 2 of the 3 or 4 most used pages on the site, instead displaying a "Devil" cartoon, rather than the forum you wanted to see. It created a very strong impact with minimal effort.
We wanted to restore the site sooner, but decided to take our time and use the rest of the week to shore up our defenses and make sure nothing else was at risk or altered, as well as to do some much needed maintenance.

What it all means to you:
Aside from the outage - nothing.
Your account is safe. No emails or passwords were compromised.
Your computer and private files are also completely untouched by anything when using the Forums.

With the proliferation of vbulletin, many people are developing ways to hack it - mostly just because they can, not to do any real harm. It had nothing to do with our members, or the information on our site.

Thank you all for your patience while the forum was down.
If you have any other concerns, please voice them here.

Welcome back!

technomage1
08-30-2013, 05:52 AM
Thanks for the update.

garhkal
08-30-2013, 06:04 AM
Since each account has an email addy with it, is there a way we could say get 'email alert's when things like this happen in the future?

Bourne
08-31-2013, 01:25 AM
Since each account has an email addy with it, is there a way we could say get 'email alert's when things like this happen in the future?

As much as I wanted to inform everyone of the issue - It is safest to simply not use the site when something like this happens.

We do this because we do not know what was compromised. For instance, it is possible that the hacker put a fake "restore your account" link in the email template in the same way the forum homepage template was altered to show the Devil cartoon. That link could then harvest your account information if you tried to log in. Sending you a potentially hacked email could inadvertently put you at an even greater risk. So, we simply avoid accessing any files, take the whole site offline, and then investigate and fix the issue. It's the safest course of action once a hack has happened.

Gonzo432
08-31-2013, 02:37 AM
Was it the Rooskies? The Chi-Coms? The NorKs? The Syrians?? Assad's 11 year-old who's taunting us on Facebook?

RS6405
10-05-2013, 01:38 AM
Ok was there another hack of some kind???

I had to reset my password this am.

Then later I could not log in no matter what.

I had trouble re-setting my password... several times; then it took.

At first everything was locked to me; now I am simply probation status and cannot post an original thread nor like anyone's posts.

What gives??

RS6405
10-05-2013, 01:39 AM
And I am listed as a newbie apparently---lovely :pout

... or the system hates me and want to make a liar out of me lol

RS6405
10-05-2013, 02:12 AM
So did everyone have to enter a new password?

Cerberus
10-05-2013, 03:40 AM
RS...I don't know what happened earlier, but I don't see any problems with your account re: status. Passwords have to be changed periodically (exact days I'll have to look up), so that isn't a surprise. The only thing I can guess is that you happen to coincide with the servers getting unsynch'd (thus the multiple tries for a new password and being in "newbie land" for a couple hours)

I'll ask Bourne to see if there's any data trail that might tell us for sure. But everything looks OK with your account from here. If you continue to have problems, please post here or send me a PM.

Mjölnir
10-05-2013, 12:31 PM
And I am listed as a newbie apparently---lovely :pout

... or the system hates me and want to make a liar out of me lol

I show your status as "member' and your post count as 945. As far as you know is that accurate?

sandsjames
10-05-2013, 12:55 PM
RS...I don't know what happened earlier, but I don't see any problems with your account re: status. Passwords have to be changed periodically (exact days I'll have to look up), so that isn't a surprise. The only thing I can guess is that you happen to coincide with the servers getting unsynch'd (thus the multiple tries for a new password and being in "newbie land" for a couple hours)

I'll ask Bourne to see if there's any data trail that might tell us for sure. But everything looks OK with your account from here. If you continue to have problems, please post here or send me a PM.120 days, I believe.

RobotChicken
10-05-2013, 04:35 PM
So did everyone have to enter a new password?

:violin "You 'Betcha' ; with all the 'imposture' (3 so far) 'Chickens' running around this barnyard IT Should BE weekly for 'RC'!!" :outtahere:

RobotChicken
10-05-2013, 05:02 PM
Ok was there another hack of some kind???

I had to reset my password this am.

Then later I could not log in no matter what.

I had trouble re-setting my password... several times; then it took.

At first everything was locked to me; now I am simply probation status and cannot post an original thread nor like anyone's posts.

What gives??

:shocked2: "It's a New age for us old Farts; get use to change or fade away with our history." (funny how the new generations that don't study history ALWAYS tend to repeat the bad stuff...)