On Saturday, 12:38 PM, my account was hijacked by a Brazilian/Uruguayan hacker with the IP address of 189.13.40.92, which resolves to 18913040092.user.veloxzone.com.br. More information on the hacker is available here.
A Russian hacker had also uploaded a malicious PHP script into our public forum uploads folder on 9/23/06. This may explain how many spambots were able to access our website while skipping the automated validation process.
I took the message board down earlier this afternoon and updated the forum software to the latest version available. I also ran a deep virus scan on the board files and removed the malicious scripts.
While there are some new features in this version of Invision Board, our customized Duke4.net skin has a few incompatibilities with the software. An example of that would be the display error presented to users upon viewing the Post New Topic page. I will be working to fix these issues at a later date.
If you have any information about these hackers or think you can help us in any way to prevent such incidents from occurring in the future, please reply to this topic accordingly. Thanks for visiting.
* Uploads (attachments) have been disabled until further notice.
* I predict we'll be less susceptible to spam bots in the coming days.
* The forums now have an RSS feed.
Page 1 of 1
Attention All Duke4.net Forum Members "Important Security Information"
#1 Posted 26 November 2006 - 04:32 PM
#4 Posted 27 November 2006 - 03:43 AM
Amusing how this very same spambot/person signed up at two other boards I visit around the same time.
#5 Posted 27 November 2006 - 11:22 AM
Unfortunately i can't help with this issue, i'm not well awre of such cases...
But i hope this get's solved...
But i hope this get's solved...
#6 Posted 27 November 2006 - 04:17 PM
Iggy, on Nov 27 2006, 12:48 AM, said:
Good Gods, lets hope this bitch won't come back any time soon. :/ How are the back-ups of the site?
I hope you don't mind the coverage I gave this issue on D4E.
Good luck restoring everything and thanks for the site update. That Quick Edit works much better.
I hope you don't mind the coverage I gave this issue on D4E.
Good luck restoring everything and thanks for the site update. That Quick Edit works much better.
Thanks for the coverage. Everything was already restored at the time I created this topic--I also have plenty of backups in case anything goes wrong later. I just hope this doesn't happen again.
Share this topic:
Page 1 of 1