Some of you may have noticed our down time recently. If you went onto IRC, you may have even heard why. Yes, we were hacked. Why? How?
It's quite embarrassing really.
It seems that a program posted on the forum claiming to generate rapidshare premium accounts *actually* uploaded your firefox profile to some FTP site somewhere. I ran the program in
SandboxIE (a very good program by the way), but for whatever reason that didn't stop it. I think it's because it was only reading rather than writing to my computer.
The result? Every password I had in my firefox stored passwords list became available to the script-kiddies involved. Forunately, I reinstalled windows last week, so there wasn't very many. They did manage to take control of my email, paypal account, ebay account and tried to buy a lot of Xbox Live points. Fortunately gmail has a good account-recovery system.
Sadly, the dildo I won on ebay will never arrive, but fortunately I won't get negative feedback for not paying.
The database may have been dumped (again...), but the passwords are all encrypted and would take days or weeks to crack (use strong passwords, people!). I've learnt an important lesson (never run untrusted programs, ever. Even if you think they're sandboxed), and everyone's happy.
We have lost a few hours (maybe day) of posts and user registrations. If you made anything very important, I'm sorry, but I can't get it back.
We do know the IP address and rough location of one of the people that did it (he was behind 7 boxxies, but somehow that didn't stop him logging into our server via FTP with his IP address), and the relevant authorities have been informed.
I hope you all enjoyed two days without DS media!
You're only human i'm sure we'll all survive.
Nice to have the forum back though =)
it is great that you use so much of you time on gbatmw and improves it!
This is too much.
GBATMW has pretty bad luck...Anyway good thing its back again.
I'm sure we could all lay into leo on this one, or even just razz him a little bit, but I want to say a genuine "Thank You" for getting us back up and running again so quickly.
When I emailed him Sunday night to figure out what was going on, he responded within minutes, admitted what had happened, and said he didn't think we'd be able to be up again before Wednesday or Thursday.
It may seem a silly thing, but as I've said before, this site means the world to me, and it's great to have it back.
Leo, I really appreciate everything you do for us, and all the time you put into maintaining the site, and thus my sanity.
Too bad about the dildo, though.
this wouldn't have happened with a mac
(03-10-2009 09:02 PM)iicon Wrote: [ -> ]this wouldn't have happened with a mac
You could also argue that this wouldn't have happened if he didn't use Firefox, or Rapidshare, or didn't eat hamster, or any number of other ridiculous sentiments.
The fact is, it happened, the damage was (so far, at least) minimal, and I think we all have learned not to install/run untrusted programs, and to use stronger passwords.
And never,
EVER bid on a dildo on ebay. You have no way of guaranteeing it's not been used. (Ewwwwww.......
unless by a model/porn star/cute Asian chick)
(03-10-2009 09:27 PM)segascream Wrote: [ -> ] (03-10-2009 09:02 PM)iicon Wrote: [ -> ]this wouldn't have happened with a mac
You could also argue that this wouldn't have happened if he didn't use Firefox, or Rapidshare, or didn't eat hamster, or any number of other ridiculous sentiments.
wooosh
(03-10-2009 09:50 PM)iicon Wrote: [ -> ] (03-10-2009 09:27 PM)segascream Wrote: [ -> ] (03-10-2009 09:02 PM)iicon Wrote: [ -> ]this wouldn't have happened with a mac
You could also argue that this wouldn't have happened if he didn't use Firefox, or Rapidshare, or didn't eat hamster, or any number of other ridiculous sentiments.
wooosh
Let me reiterate my point...you could say "This wouldn't happen if you ran Ubuntu", or "This wouldn't happen if you would man up and write your own OS", or whatever. I simply think it's a poor time to start arguing for your favorite OS/system/whatever. I mean, this could have easily been a lot worse for leo than it was, and honestly, the site being down was little more than a (comparatively) harmless side effect.
Macs aren't invincible, security-wise, you know? They only get attacked less because fewer people use them. It's essentially the same as saying that a Ferrarri is the most theft-resistant car in the US, because so few of them get broken into. That may be true, but so few get broken into
because there's so few of them in the US.
Thanks for the explanation and sandbox program, i had a feeling gbatmw was hacked, it has said account suspended or 404 error.
(03-10-2009 10:10 PM)segascream Wrote: [ -> ] (03-10-2009 09:50 PM)iicon Wrote: [ -> ] (03-10-2009 09:27 PM)segascream Wrote: [ -> ] (03-10-2009 09:02 PM)iicon Wrote: [ -> ]this wouldn't have happened with a mac
You could also argue that this wouldn't have happened if he didn't use Firefox, or Rapidshare, or didn't eat hamster, or any number of other ridiculous sentiments.
wooosh
Let me reiterate my point...you could say "This wouldn't happen if you ran Ubuntu", or "This wouldn't happen if you would man up and write your own OS", or whatever. I simply think it's a poor time to start arguing for your favorite OS/system/whatever. I mean, this could have easily been a lot worse for leo than it was, and honestly, the site being down was little more than a (comparatively) harmless side effect.
Macs aren't invincible, security-wise, you know? They only get attacked less because fewer people use them. It's essentially the same as saying that a Ferrarri is the most theft-resistant car in the US, because so few of them get broken into. That may be true, but so few get broken into because there's so few of them in the US.
Wooosh.
(03-10-2009 10:10 PM)segascream Wrote: [ -> ]Let me reiterate my point...you could say "This wouldn't happen if you ran Ubuntu", or "This wouldn't happen if you would man up and write your own OS", or whatever. I simply think it's a poor time to start arguing for your favorite OS/system/whatever. I mean, this could have easily been a lot worse for leo than it was, and honestly, the site being down was little more than a (comparatively) harmless side effect.
Macs aren't invincible, security-wise, you know? They only get attacked less because fewer people use them. It's essentially the same as saying that a Ferrarri is the most theft-resistant car in the US, because so few of them get broken into. That may be true, but so few get broken into because there's so few of them in the US.
Let's not turn it into a wooshing competition. It all worked out in the end. I did sit opposite *the* most obnoxious woman I've ever seen on the train for about an hour though.
(03-10-2009 11:35 PM)leoedin Wrote: [ -> ]I did sit opposite *the* most obnoxious woman I've ever seen on the train for about an hour though.
Woosh?
(I somehow felt like i had to fit in)
I remember those rapidshare threads. There were two of them, and upon noticing them I immediately deleted the threads and issued warnings to the original posters for creating the threads.
As far as sandboxing goes, it doesn't block the internet traffic the sandboxed app sends/receives, so it's no wonder how it happened. The only thing that sandboxie protects you from is firefox (or any app) permanently writing something to your computer. The app doesn't know it's sandboxed and continues to operate as normal, only once you terminate the program(s), any data it would have written to disk (a worm or virus, perhaps?) is removed.
I wasn't around when all this was going on, but I did read the entire log. I really hope you're able to press charges on these guys. What they did was a crime on multiple levels. They must pay!
(03-11-2009 01:26 AM)ruegore Wrote: [ -> ]I really hope you're able to press charges on these guys. What they did was a crime on multiple levels. They must pay!
I agree, and, Leo, do you know if they've been apprehended yet, or if they ever will be, because they owe you some restitution for all the troubles they caused you.
good to be back though
That's actually kindof a funny story. I hope everything is ok.
I knew something was going on... I saw two posts to this download accelerator on this forum, and it seemed odd. The people that posted it obviously have something to do with it. And I bet they were targeting Leo to get in, so the Mac comment is useless. If he had a Mac, they would have made it for Mac.
Rue is right. I hope they're made to pay for this, because if they get away with it, we'll get more of their stupid whiny attacks.
Don't mind me people. Just taking out the garbage.
wow, this thread just got shorter.
sue that faget's ass rue.