We are under heavy attack

Post by **Red Squirrel** » Fri Jan 28, 2011 8:30 pm

This site has been compromised several times in a row and it is a good possibility that this forum's database has been accessed and recorded.

Passwords are stored in a irreversible hash so they are not in clear text, however a reverse attack to try every possible hash combination until it matches, is a possible way to reverse the hash. This can take long, but it is important that passwords be changed before they are reversed from the stored hashes from the possibly compromised database. It is also advised that if you use this password anywhere else, that you change it there too.

Sorry for any inconvenience this may cause. A full security audit will be conducted but I am looking into possibly shutting down the forum until I can get the time to convert over to a new one as this version of IPB is very old and the hackers are using known exploits against it. Trying to find these is like trying to find a needle in a haystack.

The hackers have still lost. They are nothing but worthless kids who will never succeed at anything worthwhile in life. They will eventually die, like any other person, but will have nobody to actually miss them.

I have disabled some functions that were potential avenues of exploit. I can confirm the calendar is very vulnerable to attack and very badly written so I have disabled it.

That said, there is a possibility that other exploits exist. I am researching different forum solutions so we can jump ship.

Archived topic from Iceteks, old topic ID:5388, old post ID:39861

Triple6_wild · Post by **Triple6_wild** » Sun Jan 30, 2011 2:26 am

I umm use that wonderful "Remember password" Feature that keeps the cookie so type old password/new is a no go LOL Seeing as I can't remember it at all, I don't think I would be using it anywhere else.

Didnt log out to check but you should have an email change/recovery while logged out eh

Archived topic from Iceteks, old topic ID:5388, old post ID:39865

Post by **Red Squirrel** » Sun Jan 30, 2011 4:43 pm

Yeah if you log out there will be an option to change your password.

Archived topic from Iceteks, old topic ID:5388, old post ID:39866

Triple6_wild · Post by **Triple6_wild** » Wed Feb 02, 2011 11:45 am

Run a few google image searches squirrel. Think it may be related? Probably not but the timing is weird for sure.

My search was "FC3S body kits" If you don't notice anything unusual with your own random searches.

Archived topic from Iceteks, old topic ID:5388, old post ID:39870

Post by **Red Squirrel** » Sat Feb 05, 2011 8:13 pm

Not sure what you are seeing.

Archived topic from Iceteks, old topic ID:5388, old post ID:39871

Triple6_wild · Post by **Triple6_wild** » Sun Feb 06, 2011 5:45 am

Looks like its been fixed

Anyways a ton of Google images links were hijacked and all went to 1 site for many results regardless of the search term. Click an image and it would still be hosted on the real site yet would instantly close and jump to a new site. A good 90% of all went to the same place. At first it thought it was a virus on my end but looks like someone was using a lot of hacked sites to redirect a massive chunk of google images.

Edit: Or not entirely fixed, Still doing it just a lot of results are gone though there are still enough and the site name has changed but it's the same site. lol

Archived topic from Iceteks, old topic ID:5388, old post ID:39872