English Amiga Board


solarmon 20 August 2020 17:27

Lemon Amiga forum hacked!
 
Hi,

Sorry if this is the wrong place.

It seems the Lemon Amiga forum has been hacked and compromised.

The admins and moderators might want to be extra vigilant and review the security of this forum too.

lilalurl 20 August 2020 17:54

I lock the thread for the time being, given that I don't have any more details about this.
It might be informative though.

If Predseda (or someone else from Lemon) has any information about that, please PM me and we will see if there is need for the thread to be open to discussion or not. Of course, any assistance needed we will be happy to provide.


Edit: Thread open. I have received details about a sort of spam attack going on on their forums, so I guess some people might want to discuss it. No speculation or other stuff like that please, let's keep the thread as informative as possible. And thanks solarmon for starting the thread.

solarmon 20 August 2020 18:15

From the Lemon Amiga Facebook page:
-----
Sad news. The Lemon Amiga forum has been hacked. The hacker can assume any login, even hijacking existing and regular users' accounts. There isn't much we can do about this, as the hacker knows how to access our passwords and bypass things such as locked threads and quarantine systems. The site will most likely go down at some point, due to this, so please be aware this could be the end of our beloved site.
Also please do not visit any of the links provided by him, as I would not trust a hack of Doom made by a hacker who thinks it's ok to flood forums with 1400 posts a day. If you know of any hackers, please remove their genitals for me, and string them up around their neck.
In the meantime, hacking is not cool or clever, and is pure evil, so please don't do it. btw, Happy Birthday Simon Humphrey.
------

malko 20 August 2020 19:30

Do we have to change the lemon user account passwords? Or is it useless for the moment?

DamienD 20 August 2020 23:51

Not good news :sad

Who bothers to hack an Amiga website / forum; which are very niche???

LAME!!!

...was this "mcm" a real LemonAmiga user; or an account that was hacked / used to spam the forum?

-Acid- 21 August 2020 00:01

There have been 4 or 5 accounts hacked in the last week that I have seen. The first couple actually made posts that were usually negative towards users who had asked questions, but now it is just spam. Most of them are accounts with 1 post that were made over 10 years ago, so obviously dormant users that used piss poor passwords being brute forced by the looks of it.

matburton 21 August 2020 00:46

Quote:

Originally Posted by solarmon (Post 1422224)
From the Lemon Amiga Facebook page:
the hacker knows how to access our passwords

Owch! Does this mean that the passwords weren't stored as hashes?

Should they be warning people that if they used the same password or similar passwords on other sites they need to change them pronto?

LongLifeA1200 21 August 2020 03:18

1 Attachment(s)
Quote:

Originally Posted by DamienD (Post 1422308)
...was this "mcm" a real LemonAmiga user; or an account that was hacked / used to spam the forum?

That account too was hacked into. Most of the hacked accounts (around 60 of them) are from 2005 and haven't logged on in half a decade or more.

As '-Acid-' pointed out, initially it was just troll bait, some of which I fell for. Later it became about marketing.

Quote:

Originally Posted by matburton (Post 1422320)
Should they be warning people that if they used the same password or similar passwords on other sites they need to change them pronto?

That has been a discussion on the forum over the past year. As to whether or not members took the advice to have unique passwords is uncertain. Current advice is to have a password you wouldn't find in a dictionary.

The old dormant accounts are unlikely to be updated and are the ones most likely to have a very basic password.

I have attached a list of accounts I know to have been hacked (hacker used them all to up-vote the game 'Doom' to the top spot on the website).

RichL 21 August 2020 07:59

Bastards! Good luck, hope you can save the forum.

chip 21 August 2020 08:01

What do hackers actually want to demonstrate with these kinds of actions? :blased

manossg 21 August 2020 08:53

What lamers.

AMike 21 August 2020 09:01

Quote:

Originally Posted by LongLifeA1200 (Post 1422337)

I have attached a list of accounts I know to have been hacked (hacker used them all to up-vote the game 'Doom' to the top spot on the website).

Thanks for the info - I know one person on the list - it's a still-active user. All the best - hope you can fix the breach.

SunSpire 21 August 2020 09:15

Not sure if related or just pure coincidence, but the libretro / Retroarch servers have also been hacked these days :sad

gimbal 21 August 2020 10:36

Quote:

Originally Posted by chip (Post 1422363)
What do hackers actually want to demonstrate with these kinds of actions? :blased

Nothing, some people just want to watch the world burn.

chip 21 August 2020 10:58

Perhaps you are right gimbal :rolleyes

I strongly believe there's always a motivation behind our actions :o

But in this case I seriously miss the logic :(

modrobert 21 August 2020 11:11

Quote:

Powered by phpBB © 2001, 2005 phpBB Group

Perhaps time for a forum upgrade? If customized and not possible to upgrade it needs to be manually patched against SQL injection.

hexaae 21 August 2020 11:12

Quote:

Originally Posted by DamienD (Post 1422308)
Not good news :sad

Who bothers to hack an Amiga website / forum; which are very niche???

They probably hope to find users with the same pass used on Lemon for his/her Google account and more... even though we know today Google, PayPal, Microsoft, Banking... all have 2-step verification!

Jope 21 August 2020 12:14

https://www.lemonamiga.com/forum/vie...=155860#155860

The server is not hacked apparently.

mcgeezer 21 August 2020 12:26

When you run a content management system that is 15 years out of date you’re gonna run into trouble like this. Also, nobody should be able to brute force accounts as they should have something like Apache ModSecurity in place.

Weak passwords or not, something like reCAPTCHA would solve the problem.

Ultimately though the forum needs a controlled restore and upgrade.
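
Added example, not part of any post in this thread and not code from either forum: a sketch of the login review that the posts about dormant 2005-era accounts and brute forcing point to, flagging successful logins on accounts idle for half a decade and logins that follow a burst of failures. The log fields, account names, addresses and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample data, not taken from either forum.
# Last successful login per account before the period under review.
LAST_SEEN = {
    "olduser2005": datetime(2006, 3, 1),
    "regular": datetime(2020, 8, 18),
    "lurker": datetime(2012, 5, 9),
}
# (timestamp, account, source address, login succeeded)
EVENTS = [
    ("2020-08-19 02:00:01", "olduser2005", "203.0.113.7", False),
    ("2020-08-19 02:00:03", "olduser2005", "203.0.113.7", False),
    ("2020-08-19 02:00:05", "olduser2005", "203.0.113.7", False),
    ("2020-08-19 02:00:09", "olduser2005", "203.0.113.7", True),
    ("2020-08-19 09:12:00", "regular", "198.51.100.4", False),
    ("2020-08-19 09:12:20", "regular", "198.51.100.4", True),
    ("2020-08-19 11:30:00", "lurker", "192.0.2.55", True),
]

def flag_suspicious_logins(events, last_seen, dormant=timedelta(days=5 * 365),
                           max_failures=3, window=timedelta(minutes=10)):
    """Return {account: [reasons]} for successful logins worth reviewing."""
    seen = dict(last_seen)          # do not mutate the caller's table
    failures = defaultdict(deque)   # account -> recent failure timestamps
    flagged = defaultdict(set)
    for ts, user, _addr, ok in sorted(events):
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        recent = failures[user]
        while recent and when - recent[0] > window:
            recent.popleft()        # forget failures outside the window
        if not ok:
            recent.append(when)
            continue
        if len(recent) >= max_failures:
            flagged[user].add("success after failure burst")
        if user in seen and when - seen[user] >= dormant:
            flagged[user].add("dormant account reactivated")
        recent.clear()
        seen[user] = when
    return {user: sorted(reasons) for user, reasons in flagged.items()}

if __name__ == "__main__":
    for account, reasons in flag_suspicious_logins(EVENTS, LAST_SEEN).items():
        print(account, "->", ", ".join(reasons))
```

A flagged account is a candidate for a forced password reset and a review of its recent posts and votes, not proof of compromise on its own.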

DamienD 21 August 2020 12:36

What would you know Graeme; do you work in IT Security or something as a profession? :p

<joking of course, I know you do>


All times are GMT +2. The time now is 00:17.
