The Planted Tank Forum

The Planted Tank Forum (http://www.plantedtank.net/forums/index.php)
-   Important Update/Announcements (http://www.plantedtank.net/forums/forumdisplay.php?f=90)
-   -   Planted Tank Hacked (http://www.plantedtank.net/forums/showthread.php?t=115827)

KyleT 09-11-2010 01:42 PM

Planted Tank Hacked
 
It appears that September is just not our month. Sometime last night (9/10) the forum was hacked. The last time we were hacked three years ago, it was also early September.

Fortunately the hack did not involve any data loss, and as far as I know, it did not install anything malicious on any computers. The goal of the hack was to steal information from user's of the forum.

Here is information about how we were hacked:

http://www.vbseo.com/f5/security-bul...eleased-45358/

Let me know if you have any questions.

- Kyle

Axelrodi202 09-11-2010 01:48 PM

Oh my. What kind of information was stolen? :eek:

fresh.salty 09-11-2010 01:53 PM

So what have the hackers possibly gained. Is it just email addresses they are looking for?

KyleT 09-11-2010 01:58 PM

I am about to send out a mass email to all members of the forum urging them to reset their passwords. The information they could have stolen could have been two things:

1) Any text you typed and submitted on the forum in the past 24 hours.
2) Any information your browser has in it's cookies or session information.

Unfortunately the details of the attack are very limited and the code that was inserted was dynamic, in other words everytime a page was loaded, the code changed. What I'm telling you is just what I have been informed of what other forum owners have experienced.

I would urge everyone to reset their password here:

http://www.plantedtank.net/forums/pr...o=editpassword

fresh.salty 09-11-2010 02:08 PM

Is this possible breach of passwords limited to the password here or would that include other sites that require a user name and password such as eBay and Paypal?

KyleT 09-11-2010 02:14 PM

Quote:

Originally Posted by fresh.salty (Post 1151965)
Is this possible breach of passwords limited to the password here or would that include other sites that require a user name and password such as eBay and Paypal?

It is possible that if you visited a site that had such unbelievably lax security protocol that they stored your password in your cookies, this could happen.

However any legitimate site you visit would not do this and if they did, it would more than likely be encrypted. I'd say it is much more likely that you get struck by lighting today, twice.

fresh.salty 09-11-2010 02:22 PM

Thanks Kyle.

Is there a reason the VB version number doesn't show at the bottom of the page?

dzydvl 09-11-2010 02:27 PM

Re: Planted Tank Hacked
 
Kyle, I'm an IT security admin by trait. Approximately 4 years ago there was a 9-11 hack done. The way it worked was to plant it on servers, and it would randomly (9-11 on random years) activate. I'm sure you are already aware of this, so I do apologize if this is repeated information. The initial hack was more of a worm, not really not meant to do damage. Unfortunately like all hacks, variants were written. I will try and dig up the security info I had on it. Again, I don't mean to intrude, just want to share what I know, I apologize if I crossed a line. I know some forums to get touchy when members try and offer information. This does not seem like one of those places, which is why I wanted to send a message.

sent from my phone, because I can't get the internet out in the boonies.

dzydvl 09-11-2010 02:30 PM

Re: Planted Tank Hacked
 
As you mentioned the dynamic nature of this hack makes it a challenge to defend against. At the time FireFox was so new it was secure, it was targeted at IE, go figure.

sent from my phone, because I can't get the internet out in the boonies.

robbob2112 09-11-2010 02:38 PM

Clicked on the link sent in the email to reset my password and it popped up a java script that downloaded an EXE file to my computer.... which was flagged and isolated....

Are you sure you go everything patched up, that doesn't seem to be very legitimate behavior.

Crispino L Ramos 09-11-2010 02:52 PM

Kyle,

Thank you for the warning.

Cris

MrJG 09-11-2010 02:54 PM

Same here on the link to this thread from the email. Chrome blocked it as malicious activity but logging in direct to the forum did not have any issues.

Hate that this happens. Much luck cleaning up the madness Kyle.

Green Leaf Aquariums 09-11-2010 03:00 PM

Thank you Kyle for the heads up.

-O

ukamikazu 09-11-2010 03:11 PM

Thank you again, Kyle. I'm sure everything is well in hand.

Armonious 09-11-2010 03:12 PM

Thanks for the warning Kyle.

Haven't had any problems that a couple others mentioned here.


All times are GMT. The time now is 07:44 PM.

Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.