Planted Tank Hacked - The Planted Tank Forum
 3Likes
Closed Thread
 
LinkBack Thread Tools Display Modes
post #1 of 109 (permalink) Old 09-11-2010, 01:42 PM Thread Starter
Planted Tank VIP
 
KyleT's Avatar
 
Join Date: Jul 2002
Location: Austin, Texas
Posts: 13,533
Planted Tank Hacked

It appears that September is just not our month. Sometime last night (9/10) the forum was hacked. The last time we were hacked three years ago, it was also early September.

Fortunately the hack did not involve any data loss, and as far as I know, it did not install anything malicious on any computers. The goal of the hack was to steal information from user's of the forum.

Here is information about how we were hacked:

http://www.vbseo.com/f5/security-bul...eleased-45358/

Let me know if you have any questions.

- Kyle

Please Send all Support Requests to forumadmin
Bit Of Nothing - Personal Blog
KyleT is offline  
Sponsored Links
Advertisement
 
post #2 of 109 (permalink) Old 09-11-2010, 01:48 PM
Planted Tank Guru
 
Axelrodi202's Avatar
 
Join Date: Jul 2008
Location: Morris County, NJ
Posts: 2,600
Oh my. What kind of information was stolen?

O_o
/ /_______________________________
| BWAAAH IMA FIRIHN MA LAZER!!!!!!!!!
\_\
Axelrodi202 is offline  
post #3 of 109 (permalink) Old 09-11-2010, 01:53 PM
Wannabe Guru
 
fresh.salty's Avatar
 
Join Date: Jul 2010
Location: SoCal
Posts: 1,953
So what have the hackers possibly gained. Is it just email addresses they are looking for?
fresh.salty is offline  
post #4 of 109 (permalink) Old 09-11-2010, 01:58 PM Thread Starter
Planted Tank VIP
 
KyleT's Avatar
 
Join Date: Jul 2002
Location: Austin, Texas
Posts: 13,533
I am about to send out a mass email to all members of the forum urging them to reset their passwords. The information they could have stolen could have been two things:

1) Any text you typed and submitted on the forum in the past 24 hours.
2) Any information your browser has in it's cookies or session information.

Unfortunately the details of the attack are very limited and the code that was inserted was dynamic, in other words everytime a page was loaded, the code changed. What I'm telling you is just what I have been informed of what other forum owners have experienced.

I would urge everyone to reset their password here:

http://www.plantedtank.net/forums/pr...o=editpassword

Please Send all Support Requests to forumadmin
Bit Of Nothing - Personal Blog
KyleT is offline  
post #5 of 109 (permalink) Old 09-11-2010, 02:08 PM
Wannabe Guru
 
fresh.salty's Avatar
 
Join Date: Jul 2010
Location: SoCal
Posts: 1,953
Is this possible breach of passwords limited to the password here or would that include other sites that require a user name and password such as eBay and Paypal?
fresh.salty is offline  
post #6 of 109 (permalink) Old 09-11-2010, 02:14 PM Thread Starter
Planted Tank VIP
 
KyleT's Avatar
 
Join Date: Jul 2002
Location: Austin, Texas
Posts: 13,533
Quote:
Originally Posted by fresh.salty View Post
Is this possible breach of passwords limited to the password here or would that include other sites that require a user name and password such as eBay and Paypal?
It is possible that if you visited a site that had such unbelievably lax security protocol that they stored your password in your cookies, this could happen.

However any legitimate site you visit would not do this and if they did, it would more than likely be encrypted. I'd say it is much more likely that you get struck by lighting today, twice.

Please Send all Support Requests to forumadmin
Bit Of Nothing - Personal Blog
KyleT is offline  
post #7 of 109 (permalink) Old 09-11-2010, 02:22 PM
Wannabe Guru
 
fresh.salty's Avatar
 
Join Date: Jul 2010
Location: SoCal
Posts: 1,953
Thanks Kyle.

Is there a reason the VB version number doesn't show at the bottom of the page?
fresh.salty is offline  
post #8 of 109 (permalink) Old 09-11-2010, 02:27 PM
Planted Member
 
Join Date: Aug 2010
Location: Waterloo, WI
Posts: 234
Re: Planted Tank Hacked

Kyle, I'm an IT security admin by trait. Approximately 4 years ago there was a 9-11 hack done. The way it worked was to plant it on servers, and it would randomly (9-11 on random years) activate. I'm sure you are already aware of this, so I do apologize if this is repeated information. The initial hack was more of a worm, not really not meant to do damage. Unfortunately like all hacks, variants were written. I will try and dig up the security info I had on it. Again, I don't mean to intrude, just want to share what I know, I apologize if I crossed a line. I know some forums to get touchy when members try and offer information. This does not seem like one of those places, which is why I wanted to send a message.

sent from my phone, because I can't get the internet out in the boonies.
dzydvl is offline  
post #9 of 109 (permalink) Old 09-11-2010, 02:30 PM
Planted Member
 
Join Date: Aug 2010
Location: Waterloo, WI
Posts: 234
Re: Planted Tank Hacked

As you mentioned the dynamic nature of this hack makes it a challenge to defend against. At the time FireFox was so new it was secure, it was targeted at IE, go figure.

sent from my phone, because I can't get the internet out in the boonies.
dzydvl is offline  
post #10 of 109 (permalink) Old 09-11-2010, 02:38 PM
Planted Member
 
Join Date: Oct 2007
Location: Blawk Hawk, CO
Posts: 159
Clicked on the link sent in the email to reset my password and it popped up a java script that downloaded an EXE file to my computer.... which was flagged and isolated....

Are you sure you go everything patched up, that doesn't seem to be very legitimate behavior.

46 gallon bowfront, Dalmatian Mollies, Swordtails, Otos
75 gallon Lake Malawi African Cichlids
3 gallon nano desktop with Betta at the office
robbob2112 is offline  
post #11 of 109 (permalink) Old 09-11-2010, 02:52 PM
Planted Tank Guru
 
Crispino L Ramos's Avatar
 
Join Date: Mar 2008
Location: Phoenix, Arizona
Posts: 2,465
Kyle,

Thank you for the warning.

Cris

Crispino L Ramos is offline  
post #12 of 109 (permalink) Old 09-11-2010, 02:54 PM
Wannabe Guru
 
MrJG's Avatar
 
Join Date: Feb 2007
Location: Lancaster, S.C.
Posts: 1,406
Same here on the link to this thread from the email. Chrome blocked it as malicious activity but logging in direct to the forum did not have any issues.

Hate that this happens. Much luck cleaning up the madness Kyle.
MrJG is offline  
post #13 of 109 (permalink) Old 09-11-2010, 03:00 PM
Sponsor
 
Green Leaf Aquariums's Avatar
 
Join Date: Feb 2007
Location: SWAMP
Posts: 4,701
Green Leaf Aquariums is offline  
post #14 of 109 (permalink) Old 09-11-2010, 03:11 PM
Planted Tank Obsessed
 
ukamikazu's Avatar
 
Join Date: Jun 2010
Location: Austin, Texas
Posts: 410
Thank you again, Kyle. I'm sure everything is well in hand.

"You are much better off with no numbers than meaningless ones. The minute you believe numbers uncritically, that is, without understanding how they're calculated and how well they measure whatever they're supposed to measure, you will generate a breed of employee who will produce numbers and not results. Your data-processing system will then serve not to describe reality but to lie about it."

-Micheal S. Montalbano
ukamikazu is offline  
post #15 of 109 (permalink) Old 09-11-2010, 03:12 PM
Planted Tank Obsessed
 
Join Date: Aug 2010
Location: Ohio, USA
Posts: 489
Thanks for the warning Kyle.

Haven't had any problems that a couple others mentioned here.
Armonious is offline  
Closed Thread

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the The Planted Tank Forum forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome