Author Topic: Forum sabotaged! (briefly) (Read 17743 times)

Alan W · « **on:** June 14, 2009, 01:10:16 PM »

For a few hours recently, anybody trying to visit the forum would have seen, instead of the forum, something like this:

The writing seems to be in Turkish, but what it means, I can't tell you.

Evidently some mischievous types had found a way to inject some of their own files into the forum Web site, replacing some of the normal files. As far as I can tell, the intrusion did nothing harmful apart from preventing us from using the forum until it was repaired. I have no reason to believe these people were able to access confidential data from the website, such as forumites' email addresses.

I've been negligent in the past in applying upgrades to the forum software, and we had fallen about 6 versions behind the latest release. Since some of those upgrades dealt with security issues, this might be the reason we were vulnerable to such an attack. So I've taken the opportunity of this downtime to upgrade the software to the latest version from SMF.

As far as I can see, things are back to normal now, but let me know if there's anything not working properly in the forum.

Thanks to Fireworks, Linda and others for letting me know about these problems.

bjs · « **Reply #1 on:** June 14, 2009, 02:50:20 PM »

hey alan there turkish hackers and they would be after passwords, personal info from anyone who posts on here.... be careful once there in there hard to get rid of..

bjs

redwallylegs · « **Reply #2 on:** June 15, 2009, 08:53:54 AM »

Raised their ugly fuggly heads they have...........do not open the naked girlie thread.............

technomc · « **Reply #3 on:** June 15, 2009, 09:08:19 AM »

It's disgusting.......there are some foul people about...

Alan W · « **Reply #4 on:** June 15, 2009, 01:04:19 PM »

I'm not sure whether there's any connection between the obscene post (now deleted, of course) and the recent hijacking of the forum. It looks like the perpetrator of the offensive post joined the forum in the normal manner, successfully typing the characters from the test image and then, a couple of minutes later, activating their account using the link that had been emailed to them. There's no way of telling whether any of this was done by an actual person, or if it was all handled by some devious automated procedure.

Over recent weeks, there has been a rising rate of spam postings to the forum. Often I notice them and delete them before many people have seen them, so hopefully they haven't intruded too much on forumites' use of the site. There are also quite a few who join up but never activate their accounts - perhaps some of these are automated efforts that lack the ability to process an activation email. Currently there are 8 accounts created yesterday and today that are yet to be activated. Probably most of them never will be.

And some who do complete their registration never post to the forum, but edit their profile to include links to Russian software sites, etc. This might be designed to improve the search engine rankings of these sites.

I'm not sure what I should do about these trends. I can change the registration procedure so that new memberships don't become active until I approve them, but that would then present me with the problem of deciding who to approve. I don't want to discriminate against someone just because they give themselves a user name I can't pronounce, or have a Latvian e-mail address. They might be quite genuine - after all we have forumites from all over the world.

Alonzo Quixote · « **Reply #5 on:** June 15, 2009, 01:12:26 PM »

Would it make any sense to add a step or steps to the registration process to ask one or more questions whose answers might shed some light on the new registrant?

I don't have any particular question(s) in mind.

Alan W · « **Reply #6 on:** June 15, 2009, 01:38:46 PM »

It has occurred to me that registrants could be asked to solve a word puzzle! E.g. "Please enter at least ten English words that can be made from the following letters.." Such a test would be regarded as burdensome on most forums, but here people would probably be happy to do it.

The only drawback is that I would have to devote the time to working out how to modify the forum software to include this feature.

pat · « **Reply #7 on:** June 15, 2009, 05:41:30 PM »

Quote from: Alan W on June 15, 2009, 01:38:46 PM

The only drawback is that I would have to devote the time to working out how to modify the forum software to include this feature.

That made me chuckle, Alan. It actually sounds a very good idea, and you could find the time by (temporarily of course) providing less full answers to our requests for various inclusions. The amount of typing you do must cost you many hours a week!

technomc · « **Reply #8 on:** June 15, 2009, 06:01:40 PM »

Thanks for sorting that Viral....it was pretty disgusting...

I had to look at it at least 20 to be absolutely sure ...

[i jest of course!!!]

Punnivinn · « **Reply #9 on:** June 15, 2009, 06:10:06 PM »

Quote from: Alan W on June 15, 2009, 01:04:19 PM

I don't want to discriminate against someone just because they give themselves a user name I can't pronounce, or have a Latvian e-mail address.

Latvian, that's funny. Our southern neighbours. Anyway, I can assure you that Latvia is quite a normal post-communist now-capitalist country like Lithuania, Poland or Hungary. Not some semimystical land of Evil where the fundamentalist terrorists come from.

Of course, I can not be absolutely sure because I don't understand Latvian, it's very different from Estonian. Maybe they look at you smiling and telling something, and you don't know that it means "we are going to blow up everything". There are just two Latvian words that most of the Estonians know: saldējums (meaning ice-cream) and iela (meaning the street). The latter is very regular in Estonian crosswords, the most common word used when you have to start a word with "ie". The holder of the second place is a Italian town named Iesi.

Did you know that Latvian and Lithuanian are two languages which have no other living relatives left? Their most known relative language is Old Prussian, extinct 300 years ago. There exist Latgalian and Samogitian languages but these are usually seen as dialects of Latvian and Lithuanian respectively.

Alan W · « **Reply #10 on:** June 15, 2009, 07:06:36 PM »

I probably shouldn't have mentioned any specific country. I certainly didn't intend to imply anything about the Latvian national character. It just popped into my head because a couple of the recent suspicious memberships in the forum seemed to come from Latvian Web domains.

But spammers and such types seem to come from all over. Some of the suspicious registrations were from Russia, quite a few dodgy types seem to be registered in Amsterdam and there was one from the Virgin Islands! And of course the people who hacked the forum on the weekend were purportedly Turkish. In any case, the place where someone has their Internet access doesn't necessarily say anything about where the person actually is.

Punnivinn · « **Reply #11 on:** June 15, 2009, 08:24:52 PM »

Alan, I think that's good you mentioned Latvia, I had my morning laughs. You know, the neighbor thing.

Of course it's even more funny when it's Estonia, not Latvia. In a Hollywood action movie there were two killers with the axes and they were said to be Estonians. And I laughed and so did the rest of Estonians. And in another Hollywood comedy some students digged up (or is it "dug up", I don't know the past of many English verbs) a frozen caveman who started to live, and when they said to their mother "he's from the stone age", she heard that "he's from Estonia". That was funny. Later they introduced the caveman to the others as an exchange student from Estonia.

Maybe some Estonians/Latvians etc. are insulted, but I find it always funny when somebody thinks that Estonians/Latvians (or even Finns) are dullish axe murderers who live in the caves. Stone axe murderers, haha.

Actually, I wanted to ask, do you have a copy of that text that our Islamic attackers left? Maybe with the help of some translator we can get a clue what they announced there. That interests me.

pat · « **Reply #12 on:** June 15, 2009, 08:28:00 PM »

FYI, Punnivinn, it's 'dug' up. Your English is very good by the way.

TRex · « **Reply #13 on:** June 15, 2009, 11:45:47 PM »

Quote from: Punnivinn on June 15, 2009, 08:24:52 PM

I find it always funny when somebody thinks that Estonians/Latvians (or even Finns) are dullish axe murderers who live in the caves.

I haven't thought any of those are axe murderers, but do Finns ever smile?

Alan W · « **Reply #14 on:** June 16, 2009, 12:53:24 AM »

Quote from: Punnivinn on June 15, 2009, 08:24:52 PM

Actually, I wanted to ask, do you have a copy of that text that our Islamic attackers left? Maybe with the help of some translator we can get a clue what they announced there. That interests me.

They called themselves Goguryeo & ZeYSuS, and if you put those names into a search engine, you'll probably find plenty of other sites they've defaced, which haven't yet been repaired. They actually have a copyright notice, which is cheeky considering their flouting of other people's rights. I don't know whether they're Islamic, or even really Turkish, despite the Turkish flag they include in their design.

News:

Author Topic: Forum sabotaged! (briefly) (Read 17743 times)

Alan W

Forum sabotaged! (briefly)

bjs

Re: Forum sabotaged! (briefly)

redwallylegs

Re: Forum sabotaged! (briefly)

technomc

Re: Forum sabotaged! (briefly)

Alan W

Re: Forum sabotaged! (briefly)

Alonzo Quixote

Re: Forum sabotaged! (briefly)

Alan W

Re: Forum sabotaged! (briefly)

pat

Re: Forum sabotaged! (briefly)

technomc

Re: Forum sabotaged! (briefly)

Punnivinn

Re: Forum sabotaged! (briefly)

Alan W

Re: Forum sabotaged! (briefly)

Punnivinn

Re: Forum sabotaged! (briefly)

pat

Re: Forum sabotaged! (briefly)

TRex

Re: Forum sabotaged! (briefly)

Alan W

Re: Forum sabotaged! (briefly)