Hacked by bruneii

Started by sobranie, Jan 02, 2011, 10:45:35

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

sobranie

Upon opening idnetters this morning the usual top logos had been replaced by 'Hacked by Bruneii' + large shield type logo. Have run NOD32 and malwarebytes which found nothing.
IDNetters seems to work fine now with no hacked logo BUT no IDNet logo is showing.
Ideas pls folks!!

sobranie

Ah, a message re hacking has just appeared. Will follow advice re password.

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

D-Dan

Yep - I saw it and immediately googled it, found the stats page for the hackers and it seems that they have been very busy today :(

Steve
Have I lost my way?



This post doesn't necessarily represent even my own opinions, let alone anyone else's

David

Alls well this end now ..3 scans and a password change ...cant be too careful  ;D
Many hammer all over the wall and believe that with each blow they hit the nail on the head.

Den

Ran a quick scan with Norton 2011 and found 32 cookies that were not there yesterday and firewall was very busy blocking all sorts of things  :eek4:
Mr Music Man.

Rik

We think we're sorted now, guys. :fingers:
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

psp83

So did they get access to the SQL DB ?

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

DorsetBoy

This team do not leave any virus/exploit etc. they are just about proving a point. They could as some hackers do, totally destroy the site, generally they just make life difficult.

psp83

Quote from: Rik on Jan 02, 2011, 13:31:44
No idea, Paul, sorry.

IDnet should be able to tell you.

If they got access to the admin side off SMF then they could download a SQL dump anyways.

JB

Quote from: Rik on Jan 02, 2011, 13:29:30
We think we're sorted now, guys. :fingers:

Thanks for your help on TBB Rik. Now using IDNet DNS and all working again. Have changed password also.

Regards,

JB.
JB

'Keyboard not detected ~ Press F1 to continue'

Rik

It's difficult to get hold of anyone today, Paul.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Quote from: 6jb on Jan 02, 2011, 13:45:26
Thanks for your help on TBB Rik. Now using IDNet DNS and all working again. Have changed password also


it will take a while for the new DNS to propagate, JB. :)
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

cavillas

Quote from: DorsetBoy on Jan 02, 2011, 13:35:19
This team do not leave any virus/exploit etc. they are just about proving a point. They could as some hackers do, totally destroy the site, generally they just make life difficult.
There is still no need or any necessity to interfere with everyone's enjoyment and use of the Internet.  They are just nasty evil-minded, juvenile brained idiots who because they have no lives of their own think it's funny to interfere with others lives.  There is no excuse or reason for this sort of action.  It's much like going into a public library and hiding all the books for a time, utterly pointless, futile and childish.  As I said absolutely NO EXCUSE for doing this sort of thing at all.  Time they got a real life. :mad:
------
Alf :)

psp83

Quote from: Rik on Jan 02, 2011, 13:45:30
It's difficult to get hold of anyone today, Paul.

Thats a pain then, I hope IDnet keep logs for longer than 48hrs (most hosts only keep for 48hrs)

It would good to know how they got into the server.. (most likely an php/apache exploit)

Rik

I've asked the questions, Paul. For obvious reasons, I won't be able to make the answers public, but we shall take whatever steps we need to, and I'm sure IDNet will too.
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

DorsetBoy

Oh dear .... as my son says "who crapped in your cornflakes?"  :evil:      Alf , it is just one of those things, and as much as this team are a pain in the rump they find weak security and dangerous flaws in peoples server set ups and software. If you ask them nicely they'll probably correct the "hack", they do no lasting damage unlike other "idiots".

They are anything but mindless ,that is for sure.

Ted

Quote from: DorsetBoy on Jan 02, 2011, 14:04:31
Oh dear .... as my son says "who crapped in your cornflakes?"  :evil:      Alf , it is just one of those things, and as much as this team are a pain in the rump they find weak security and dangerous flaws in peoples server set ups and software. If you ask them nicely they'll probably correct the "hack", they do no lasting damage unlike other "idiots".

They are anything but mindless ,that is for sure.

I know it doesn't seem like it now, but they might have done us a favor in the long run. If they haven't done any real damage and all the holes are found and plugged, it may stop someone with really nasty intentions getting in "next time"  :fingers:
Ted
There's no place like 127.0.0.1

psp83

trouble is Ted, nothing is 100% secure, there will always be holes in software (and someone will find it one day)

Simon

It's certainly a wake up call, for sure.  If they were trying to do us a favour, though, they could have kindly made it a working day.  ::)
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

And let me finish breakfast first! ;D
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Ted

Quote from: Rik on Jan 02, 2011, 14:22:59
And let me finish breakfast first! ;D

Gotta keep those priorities in the right order.  ;D

Ted
There's no place like 127.0.0.1

Simon

What was that you were saying about having the day off, Rik?  ;)
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.