Quantcast Forum Hacker Identified - digitalFAQ.com Forums [Archives]
  #1  
03-28-2005, 03:38 PM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
@All,

The hacker (or should I say cracker?) was identified.

The attack came from IP address 62.43.75.130, which resolves to:

62-43-75-130.user.ono.com

Attack started at: 28/Mar/2005:02:41:37 -0700
Completed at: 28/Mar/2005:03:14:31 -0700

The service provider of the attacker resolves to a provider in Spain:
Registrant:
Cableuropa SA [NORG-3854901]

C\ Basauri, 7
E-28023 Aravaca. SPAIN

All corresponding logs and actions have been sent to the proper authorities.


Sadly, the attacker screwed up the database BIG TIME, and the latest backup is 12 days old, so the forum was restored to that database set.

If this happens again, I will definitely look into another forum software, which won't be phpBB based.

Thanks,
-kwag
Reply With Quote
Someday, 12:01 PM
admin's Avatar
Site Staff / Ad Manager
 
Join Date: Dec 2002
Posts: 42
Thanks: ∞
Thanked 42 Times in 42 Posts
  #2  
03-28-2005, 03:53 PM
Dialhot Dialhot is offline
Free Member
 
Join Date: May 2003
Posts: 10,463
Thanks: 0
Thanked 0 Times in 0 Posts
The last message is not 6 days but 12 days old
Reply With Quote
  #3  
03-28-2005, 03:56 PM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by Dialhot
The last message is not 6 days but 12 days old
Yes, indeed
The backup was done on Mach 16, so we lost 12 days of data
Reply With Quote
  #4  
03-28-2005, 03:59 PM
Zyphon Zyphon is offline
Free Member
 
Join Date: Oct 2003
Location: London, England (UK)
Posts: 1,035
Thanks: 0
Thanked 0 Times in 0 Posts
I was away for the weekend and tried to go online to KVCD.net to find that message saying that payment wasn't made for the site.

I thought it was strange and was worried fearing KVCD.net would be gone forever.

Im sorry to hear that some lamer Hacker/Cracker did this to your site Karl it is disgraceful that some people have nothing better to do than mess everything up for everyone else.

Im also sorry that you lost 12 days of data, I can just imaging how much of a pain the a$$ this must be for you.

I hope this is the last time we have to endure this sort of thing.
__________________
Regards.

Michael.
Reply With Quote
  #5  
03-28-2005, 04:27 PM
digitall.doc digitall.doc is offline
Free Member
 
Join Date: Jul 2003
Location: Valencia (España)
Posts: 741
Thanks: 0
Thanked 0 Times in 0 Posts
Came back today from holiday, and wondered: "I'm sure it happened lots of things at KVCD", and decided "to go for a walk" in the forum... first happened as Zyphon said.

And now that I could manage to get in...

I know you already knew, but there's really evil people out there. You said that: a cracker.

I feel sad for what happened.
Reply With Quote
  #6  
03-28-2005, 04:36 PM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
Thanks guys
BTW, I just upgraded the forum with all latest patches.
We're now on the latest version of phpBB.

-kwag
Reply With Quote
  #7  
03-28-2005, 05:31 PM
FuPP FuPP is offline
Free Member
 
Join Date: Mar 2004
Posts: 92
Thanks: 0
Thanked 0 Times in 0 Posts
Bad day, man...

ok, let's refill that forum

FuPP
Reply With Quote
  #8  
03-28-2005, 05:37 PM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by FuPP
Bad day, man...
Tell me about it
Quote:

ok, let's refill that forum

FuPP
Thanks

-kwag
Reply With Quote
  #9  
03-28-2005, 06:31 PM
Zyphon Zyphon is offline
Free Member
 
Join Date: Oct 2003
Location: London, England (UK)
Posts: 1,035
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by kwag
Thanks guys
BTW, I just upgraded the forum with all latest patches.
We're now on the latest version of phpBB.

-kwag
Great news Karl, let's hope this is the end of these nasty hackers.
Quote:
Originally Posted by FuPP
Bad day, man...

ok, let's refill that forum

FuPP
Agreed on both counts.
__________________
Regards.

Michael.
Reply With Quote
  #10  
03-28-2005, 08:37 PM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
Anybody noticed the number of "Guest" users on the forum
I wonder if we have a new kind of worm trying to breach phpBB forums again

-kwag
Reply With Quote
  #11  
03-28-2005, 08:40 PM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by Zyphon
let's hope this is the end of these nasty hackers.
Crackers, that is
I'm a hacker
Hackers are good, and crackers are evil

-kwag
Reply With Quote
  #12  
03-29-2005, 12:13 AM
fabrice fabrice is offline
Free Member
 
Join Date: Mar 2003
Location: Madrid-Spain
Posts: 515
Thanks: 0
Thanked 0 Times in 0 Posts
Hi,

Quote:
Originally Posted by digitall.doc
Came back today from holiday, and wondered: "I'm sure it happened lots of things at KVCD", and decided "to go for a walk" in the forum... first happened as Zyphon said.

And now that I could manage to get in...

I know you already knew, but there's really evil people out there. You said that: a cracker.

I feel sad for what happened.
Occured exactly the same...

As Fupp said, let's fill the forum!

Salu2
Fabrice
Reply With Quote
  #13  
03-29-2005, 07:25 AM
Zyphon Zyphon is offline
Free Member
 
Join Date: Oct 2003
Location: London, England (UK)
Posts: 1,035
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by kwag
Quote:
Originally Posted by Zyphon
let's hope this is the end of these nasty hackers.
Crackers, that is
I'm a hacker
Hackers are good, and crackers are evil

-kwag
Sorry Karl I stand corrected you are right of course.

Crackers are evil and mess up so many things including Forums and Software.
__________________
Regards.

Michael.
Reply With Quote
  #14  
03-29-2005, 08:12 AM
jason jason is offline
Free Member
 
Join Date: Oct 2003
Posts: 130
Thanks: 0
Thanked 0 Times in 0 Posts
well, I don't know. I thought hackers=to find some flews in website, forums
crackers= to modify a software, usually to be able to use it without paying.
after that, white hat = good/blackhat= evil
Reply With Quote
  #15  
03-31-2005, 05:44 PM
kwag kwag is offline
Free Member
 
Join Date: Apr 2002
Location: Puerto Rico, USA
Posts: 13,537
Thanks: 0
Thanked 0 Times in 0 Posts
After a very careful look at the log files on that day, the hack was clearly caused by a Worm
Each transaction was about one second apart, so this was not a manual user. It was a Worm(bot).
So there IS a new worm which can destroy phpBB forums version 2.0.11 (or below).

-kwag
Reply With Quote
Reply




Similar Threads
Thread Thread Starter Forum Replies Last Post
Forum Upgrade kwag Off-topic Lounge 0 12-28-2004 07:19 PM
Forum size? Coaster Off-topic Lounge 7 09-11-2004 09:22 PM
NUOVO FORUM hak3 Convertire e Codifica dei Video (Italiano) 1 05-20-2004 11:09 AM
KVCD: Why Isn't there a Help forum here? corwin1 Off-topic Lounge 6 08-20-2003 11:37 PM
Resource Hacker jorel Off-topic Lounge 1 06-27-2003 05:38 PM

Thread Tools



 
All times are GMT -5. The time now is 08:43 AM  —  vBulletin © Jelsoft Enterprises Ltd