Results 1 to 30 of 67

Thread: Hacking Troubles

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Join Date
    Jan 2012

    Hacking Troubles

    A few days ago some odd things started happening in the forum. Here's basically what:

    - A hacker gained access to an admin account, likely with an automated system. Not sure how, but I've made it significantly harder to do again. And if it does, it won't be as bad.

    - VBulletin, in its infinite wisdom, lets you do just about whatever you want with an admin account by default. This includes uploading custom files to the server and overriding just about anything you want. I've removed these capabilities from the admins. I will be as responsive as possible if the admins have requests for plugins or anything else that I've disabled.

    - The last roughly two days of posts have been removed. I had to revert to an older copy of the database to save some data and make it as secure as possible. If anything especially valuable was lost, I can retrieve it manually.

    - There's a new url for the forum now, This is because I've moved the forum to its own server. We were planning to do this in a few weeks, but things had to be pushed forward some. This gave us a fresh copy of the forum, which should make things better all around now that it's not directly tied to the cosmoquest site.

    - As far as I can see, NO information was stolen from users. The hacker didn't have database access. No tools were used to gather user info.

    - The purpose of the hack: 1, to add a few files to the server that would use it in a DDOS attack. This was stopped. 2, once I had fixed most of the issues (I thought I found all of them at the time), the hacker noticed, and wanted to make a big show before I fixed the issue. Making a God user, etc.

    I sincerely apologize for the lack of info for the last few days. 1, I didn't want to send out emails to 150000 users, most of which wouldn't care. 2, I didn't want to say anything incorrect. I wasn't sure how fixable this was, or when I'd be done. Honestly at first I thought it would just take a day.

    Summary: Everything should be good now. I had to start fresh with the forum, so if something doesn't work, say so in this thread or at If you have any questions or concerns, I'll happily answer them.
    Last edited by slang; 2017-Feb-27 at 08:53 AM. Reason: unstickied

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts