Lemon Amiga forum hacked!

[mcgeezer]

Quote:

Originally Posted by DamienD

What would you know Graeme; do you work in IT Security or something as a profession?

<joning of course, I know you do>

Lol... no mate, the last 20 years i’ve been making Amiga games as a profession.
It’s why i can only afford to have smoked salmon once a week instead of three.

[LongLifeA1200]

There has been an update of good news.

[SquawkBox]

Password changed. Thanks for the heads up.

[rare_j]

It's such a shame that running a forum as a hobbyist is basically lo longer viable.
Whether its from gdpr or constant hack attempts you more or less need a managed service now unless your hobby is also IT security and web privacy law.

[ztronzo]

I make it a habbit to always use a different password for different hosts.. this covers the case of your password being leaked from any...
otherwise in a while you will receive a blackmail e-mail by a scammer telling you "we got your password" etc etc... "send money so we dont leak your webcam vids" etc etc... (even if you dont have a webcam) :-P

[S0ulA55a551n]

Did you say the used all of the hacked accounts to upvote Doom to the top of the table. ?????

Anyone smell Doomy ? ??

Quote:

Originally Posted by DamienD

What would you know Graeme; do you work in IT Security or something as a profession?

<joking of course, I know you do>

Not info-sec, the bane of my life

[lifeschool]

SQL injection, LA and L64 sites compromised. The hackers want money to reveal how they did it.

It may take some time to secure the site, but Kim says it can be done given some time.

This is an increasing problem, so I hope eab is secure?

[TCD]

Ouch Fingers crossed it can be sorted quickly. I'll ask RCK about it once he is available again.

[jurassicman]

Damn! I did notice that the site was down and I suspected something bad... hopefully the site will be fixed and up soon and there won't be data loss...

[dreadnought]

Going after some niche hobby sites, that's really f-ed up.

[Ian]

A niche forum will be an easy target, sadly

I don't know what forum software they use over there but anything bought probably has a huge list of known vulnerabilities a hacker or even just a script kiddie could use.

That's why you've got to keep up with the updates and even then there's no guarantee they fix everything.

[AestheticDebris]

It's gutting that people out there are so petty, but unfortunately they are. And that, more than anything is why Forums should run on modern, updated software even if it means they aren't as easily browsable on a real Amiga.

[dreadnought]

...but hasn't Lemon been overhauled recently? I'm pretty sure there was a big update to the software somewhere last year. Also all the passwords were force-changed.

[Retroplay]

Yes, it was.
I lost my old Lemon64 account because of it.
The email I used to register way back when in early 2000s went down the tubes just before that happened and it's needed to update password on my old forum account.

[lifeschool]

The forum uses PHPBB. I presume the database uses SQL. Hackers can get around any updates and just walk straight in to your computer unless you get domain protection, and even then, using SQL is very old.

It's going to take maybe a few weeks to sort this out, maybe months, so all we can do is wait and see. No data has been deleted. From the look of things, its the domain which seems hacked.

[AestheticDebris]

Quote:

Originally Posted by lifeschool

The forum uses PHPBB. I presume the database uses SQL. Hackers can get around any updates and just walk straight in to your computer unless you get domain protection, and even then, using SQL is very old.

SQL injection is a flaw in non SQL code, not in SQL itself. And it's very easy to avoid so there's really no excuse for a modern system to be vulnerable to it.

[Megalomaniac]

It's a nightmare for us to be without this invaluable resource for Amiga and C64 retrogaming. I'd noticed an increase in the amount of spam messages recently, which may be related to what's happened. I really hope it can be back up and running shortly. Do we know what the impact on the competition will be?

Not sure of the exact situation with the sites, but I know Kim Lemon himself has had health challenges in recent years, so that may have limited the time that could be put into securing the site.

[kremiso]

what a sad news
wondering whats the point in attacking a retrogaming forum

[lifeschool]

Quote:

Originally Posted by AestheticDebris

SQL injection is a flaw in non SQL code, not in SQL itself. And it's very easy to avoid so there's really no excuse for a modern system to be vulnerable to it.

Can you explain how it is possible to avoid it? For example, is it the uploading of files to the server which is the leak? Or perhaps somehow the custom back end is the issue? I dont know what an SQL injection is, so any help might help Kim put things back together. He describes it as looking for "needles in a haystack". But maybe if he can understand the vulnerabilities, it can help to pin down the issues?

Quote:

Originally Posted by Megalomaniac

It's a nightmare for us to be without this invaluable resource for Amiga and C64 retrogaming. I'd noticed an increase in the amount of spam messages recently, which may be related to what's happened. I really hope it can be back up and running shortly. Do we know what the impact on the competition will be?

Not sure of the exact situation with the sites, but I know Kim Lemon himself has had health challenges in recent years, so that may have limited the time that could be put into securing the site.

Kim is currently feeling better, or at least able to look at this for us. He has contacted the Law today, but I can't imagine how this can help us. Spam is just spam, and any bot can sent it, but this was a hijack.

I dont know what you mean by competition. If you mean rival sites like MobyGames, maybe they will be ok? I dont think this is targetting Commodore users specifically, (or we should start asking around Atari Age), and these guys seem like chancers to me. If you mean the games competition on L64, the scores are kept on a different server, so it should be possible to make a post in the Competition section of EAB and carry on posting scores as normal. We dont know if this will be fixed any time soon, so at this stage I am willing to risk saying maybe a few months?

[Seiya]

If they have a backup of forum and site, could be move to another server.