cancel
Showing results for 
Search instead for 
Did you mean: 

Site hacked

Midnight_Caller
Rising Star
Posts: 4,143
Thanks: 7
Fixes: 1
Registered: 15-04-2007

Site hacked

Hi All
Just reseved this:
Quote
Subject:  Simple Machines Community Forum: Onderwerp
Dear valued community members,

On the 22nd of July 2013, it was discovered that unauthorized access to our website and database
has been obtained on the 20th of July.
The method is similar to the hacks that were recently conducted at other websites, even though
those sites used other software.
One of the admin accounts password was discovered, and from there further escalation wasn't too
difficult considering admin privileges can do just about anything.
Unfortunately, we are 100% sure that our user database has been stolen.
As such we HIGHLY RECOMMEND, even implore you, to:
1.) Change your password on other websites you are using, if you use the same password there. This
is very important to do, as it also will help prevent other websites being hacked through your
compromised password, if it is compromised.
2.) Change your password here on our website.
3.) If you use the password you use here anywhere else, say for example to login to your webhost,
it is highly urged to change it.
4.) Please note that personal messages may have also been compromised. We don't know for sure if
the hacker only downloaded the user tables or not, although that's the only thing he/she is after.
If they did: keep in mind that passwords you shared through PM should now be considered
vulnerable. It's best not to take the risk and gamble, and just change any password you shared
through PM as well.
5.) Charter members, current and past, are encouraged to change ALL passwords if they ever sent
any in to us. That would include FTP.
Please keep in mind:
This is !!NOT!! a security issue with the SMF software. If you are running the latest SMF version
you have nothing to fear from this hack if you use different passwords.
The method used by the hacker is that a database is downloaded from another hacked website, the
passwords are attempted to be decrypted and if it is successful: they try to login to other
websites using that username & password, or try to cross-reference by using password reset links.
Unfortunately for us, a Administrator used the same password elsewhere on another site and access
to our site was obtained when the password from the other hacked site was successfully decrypted.
As a result, the hacker was able to login here with admin rights.
Hundreds of websites have been hacked lately by using this method, so you are highly encouraged to
change your passwords...
... And remember: don't use the same password on multiple sites!
It helps to prevent hacks like this.
Thank you for your consideration and we deeply apologize for any inconvenience this causes for you.
By changing your passwords, you will help ensure that other sites do not fall victim to this
method of hacking and help put a halt to the hacking spree that has affected hundreds, if not
thousands, of websites already.
Any questions, please do feel free to ask.
Please stay on topic.

Kind regards,
Board of Directors
Simple Machines
1 REPLY
Community Veteran
Posts: 7,153
Thanks: 54
Fixes: 2
Registered: 30-08-2007

Re: Site hacked

I had almost word for word the same from Lakeland (of plastics fame)
Experience; is something you gain, just after you needed it most.

When faced with two choices, simply toss a coin. It works not because it settles the question for you. But because in that brief moment while the coin is in the air. You suddenly know what you are hoping for.