Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
 Board hacked
#1
Obviously, change your password folks. It seems they overwrote the default template settings to display their payload. We have evidence that the database got dumped as well. so they probably have a copy of everything on the board. In any case, I undid their damages, minus the graphics. I was sure as to the extent of what they did at first, so I did a fresh copy of the base forum software, no plugins. The graphics are still in the backup folder, and I'll move them across later. Right now I'm tired. It wasn't even hard to remove.

We do know how they got in, and that plugin has been removed. We are aware of other vulnerabilities that they could potentially attack. We were aware of the one they exploited as well. This is why we were actively looking for other software to migrate to, but had yet to finish testing of the solutions to make sure they would work before disrupting the entire community. We still plan on doing that. It may take a little time, as we are volunteers with very busy real life schedules.
#2
Images restored. Plugins still not replaced, in fact, we're not putting them back because it will aid in migration not to have them. That said, spoilers are down, but may be coming back. I'll leave that up to DerVVulfman
#3
A first time for everything, I just set up the forum's first mass-mail to all members.

Quote:Dear *username*,

You are receiving this eMail sent to your *email* address as you created an account with our board. For over ten years, we have existed without any issues or incident of this nature. However, Save-Point was hacked, its database breached and dumped.

Our password storage system has a highly effective hash encryption system, so there would be extreme difficulty in trying to obtain any passwords. However, as the possibility exists, we at Save-Point sent this notice to inform and keep you safe.

-DerVVulfman
Up is down, left is right and sideways is straight ahead. - Cord "Circle of Iron", 1978 (written by Bruce Lee and James Coburn... really...)
[Image: QrnbKlx.jpg]

#4
Happy Easter, I guess...?
#5
Rebirth
Up is down, left is right and sideways is straight ahead. - Cord "Circle of Iron", 1978 (written by Bruce Lee and James Coburn... really...)
[Image: QrnbKlx.jpg]

#6
Hi,

thank you for your hard work and fast reaction! I changed my password. Go to hell you evil hackers.
#7
I changed mine.
#8
All changed. Thanks for the e-mail.

Shit that this happened.
[Image: logonew.gif]
#9
Got the email. Feels like I haven't been here for long...(gonna change it)
#10
Wow, Landarma! It does feel like ages!

I guess the mass mail system does work.

[Image: attachment.php?aid=1553]

This was the initial screen (some odd information blocked off). At the left side, you will note that the text reads "RussianBomb@Payload.sh".

This forum was not the only one attacked in this manner, another with the same software package was thusly struck.

Oddly, if you look for a review of Payload.sh, you will only find one from Scamquery claiming it is a safe website.


Attached Files
.png   uhh.png (Size: 21.68 KB / Downloads: 93)
Up is down, left is right and sideways is straight ahead. - Cord "Circle of Iron", 1978 (written by Bruce Lee and James Coburn... really...)
[Image: QrnbKlx.jpg]





Users browsing this thread: