EPICentre Hackers sending viri to our members |
netepic
|
Post subject: EPICentre Hackers sending viri to our members Posted: Mon May 10, 2004 9:50 am |
|
Brood Brother |
 |
Joined: Thu Feb 13, 2003 4:26 pm Posts: 7016 Location: Southfields, London, England
|
As you are no doubt aware the EPICentre was hacked recently, they broke in and over wrote one of our admins accounts, then removed access to all the other admin accounts.
Finally they scrambled the passwords and added a new user with god access.
When they had full control they added a large advert to the front page and sent out a virus to every single member.
The EPICentre will NEVER ask you to download a file, whenever we have a new release of incoming or add downloaded we add a notice to the news page and contact the mailing lists. The user accounts email address are strictly for admin purposes.
Please DELETE this email.
Tom. Now once more the EPICentre Webmaster, usurpers have been temporarily dismissed. Whilst we harden security the site will remain down.
From: EPICentre
Rulezzz screensaver... Make your dream reality...
http://sukerxak.amillo.net/cerruti.rar
Download !!!!
- EPICentre Staff |
|
Top |
|
 |
vanvlak
|
Post subject: EPICentre Hackers sending viri to our members Posted: Mon May 10, 2004 10:02 am |
|
Brood Brother |
 |
 |
Joined: Fri Oct 31, 2003 7:52 am Posts: 10348 Location: Malta
|
Hi Tom, thanks for the heads-up - I'd received this, but deleted it as it smelt bad - good job I did! I'm sorry you had to take all that trouble because of some rothead (nerrah jixxawwat, if you'l pardon my Maltese, and don't worry, it's not obscene or vulgar or unethical ). I'm no expert in this stuff, and couldn't help technically - but if you need support for upgrades, perhaps we could somehow contribute? After all, it's a public service we're all benefitting from. cheers.
_________________ Back from oblivion (again)?
|
|
Top |
|
 |
netepic
|
Post subject: EPICentre Hackers sending viri to our members Posted: Mon May 10, 2004 11:04 am |
|
Brood Brother |
 |
Joined: Thu Feb 13, 2003 4:26 pm Posts: 7016 Location: Southfields, London, England
|
Quote (vanvlak @ 10 2004 May,10:02) | (it's not obscene or vulgar or unethical ) | I am disappointed!
As for support, none needed, been programming since I was 8, not going to be beated by a couple of amateurs who downloaded an exploit off the net. Have already fixed the damage, just working on the security now... DON'T want this to reoccur, for one thing it is embarrasing.
|
|
Top |
|
 |
vanvlak
|
Post subject: EPICentre Hackers sending viri to our members Posted: Mon May 10, 2004 11:27 am |
|
Brood Brother |
 |
 |
Joined: Fri Oct 31, 2003 7:52 am Posts: 10348 Location: Malta
|
|
Top |
|
 |
the_fifth_horseman
|
Post subject: EPICentre Hackers sending viri to our members Posted: Mon May 10, 2004 1:27 pm |
|
Brood Brother |
 |
Joined: Wed Apr 30, 2003 12:35 pm Posts: 1259
|
Ahhh... these were no hackers.
As Tom said, they downloaded an exploit from the net... they are "only" script kidz. True hackers write their tools themselves.
And for damaging, its the crackers.
I think I received something like this, but it stunk as a virus right away.
_________________ The Fifth Horseman. Quality over quantity. Realm of the Horseman ? ? The mirror site.
|
|
Top |
|
 |
penal battalion
|
Post subject: EPICentre Hackers sending viri to our members Posted: Mon May 10, 2004 7:04 pm |
|
Brood Brother |
 |
Joined: Wed Apr 28, 2004 12:58 am Posts: 660 Location: S.W London.
|
Thanks for the heads up on the virus stuff! 
_________________ Zulus' Sir! fousands of 'em!
|
|
Top |
|
 |
stormseer
|
Post subject: EPICentre Hackers sending viri to our members Posted: Mon May 10, 2004 7:29 pm |
|
Brood Brother |
 |
 |
Joined: Fri Feb 14, 2003 9:52 pm Posts: 4598 Location: Suffolk, UK.
|
Yep, this was what made me check out the front page in the first place- a screensaver to download? ...thought it was a little curious ... 
_________________ www.darkrealmminiatures.com
|
|
Top |
|
 |
primarch
|
Post subject: EPICentre Hackers sending viri to our members Posted: Mon May 10, 2004 10:40 pm |
|
Brood Brother |
 |
 |
Joined: Fri Feb 14, 2003 12:46 am Posts: 27069 Location: Edmond, Oklahoma USA
|
Hi!
Thanks for letting us know!
Primarch
|
|
Top |
|
 |
Legion 4
|
Post subject: EPICentre Hackers sending viri to our members Posted: Tue May 11, 2004 4:45 am |
|
Brood Brother |
 |
 |
Joined: Thu Feb 13, 2003 5:13 pm Posts: 36989 Location: Ohio - USA
|
Get some payback, Tom ! 
_________________ Legion 4 "Cry Havoc, and let slip the Dogs of War !" ... "People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf."
|
|
Top |
|
 |
Chris
|
Post subject: EPICentre Hackers sending viri to our members Posted: Tue May 11, 2004 9:08 am |
|
Brood Brother |
 |
 |
Joined: Wed Jan 15, 2003 6:42 pm Posts: 2412
|
Thanks for the heads up Tom.
Now go give these bas*ards what they deserve!
Cheers
Chris
_________________ Chris
|
|
Top |
|
 |
CyberShadow
|
Post subject: EPICentre Hackers sending viri to our members Posted: Tue May 11, 2004 12:13 pm |
|
Swarm Tyrant |
 |
 |
Joined: Thu Jan 02, 2003 6:22 pm Posts: 9350 Location: Singapore
|
Tom:
Good luck with strengthening the walls. Do you have any details of how they got in? If you know what they did, I could drop an email to my server host and warn them in case.
I got the email as well, but it really didnt sound like you and you had never advertised a screen saver, so I avoided.
What kind of people force their way into a non-profit, niche interest site, and then deliberately try to cause damage by tricking people into getting a virus?
Scum.
Did you report the problem to your host/the authorities?
_________________ https://www.cybershadow.ninja - A brief look into my twisted world, including wargames and beyond. https://www.net-armageddon.org - The official NetEA (Epic Armageddon) site and resource.
|
|
Top |
|
 |
the_fifth_horseman
|
Post subject: EPICentre Hackers sending viri to our members Posted: Tue May 11, 2004 1:22 pm |
|
Brood Brother |
 |
Joined: Wed Apr 30, 2003 12:35 pm Posts: 1259
|
I'd say that you can either report ot authorities or give them a more appropriate payback - track their computers down and scramble their HDD's leaving just one message: "Never mess with EpiCentre. Again."
_________________ The Fifth Horseman. Quality over quantity. Realm of the Horseman ? ? The mirror site.
|
|
Top |
|
 |
netepic
|
Post subject: EPICentre Hackers sending viri to our members Posted: Tue May 11, 2004 2:18 pm |
|
Brood Brother |
 |
Joined: Thu Feb 13, 2003 4:26 pm Posts: 7016 Location: Southfields, London, England
|
@TFH - If payback was to be exacted I certainly wouldn't leave a calling card for them to come back to, however it would be easily recognised as my work to the people who know me/epic.
@Cybershadow - The strengthening was successful, I installed a variety of patches, upgraded the backbone and reset all the passwords. I have sent you an email listing the vulnerabilities to EPIComms, they are how I would hack the site if I was... well scum is as good a definition as any, I will nick that!
Unfortunately this was not an isolated event, NukeCops published the exploit they used - it is known as SQL injection, basically they used an exploit in the phpNuke engine (which has now been closed with a little jerry rigging) to insert SQL into our database, from here they were able to replace one of our existing adminstrators once there number crunchers penetrated our second line of defence (MD5 Hash Encryption). Finally, they removed access to our admins and so locked us out.
Admins will be contacted shortly with there new passwords - not they will not be as easy to remember due to the fact that they must be make more secure (alphanumeric, over 8 characters).
Tom.
|
|
Top |
|
 |
netepic
|
Post subject: EPICentre Hackers sending viri to our members Posted: Tue May 11, 2004 11:50 pm |
|
Brood Brother |
 |
Joined: Thu Feb 13, 2003 4:26 pm Posts: 7016 Location: Southfields, London, England
|
Careful - head is swelling rapidly....
|
|
Top |
|
 |