20 August 2020, 17:27 | #1 |
Registered User
Join Date: Dec 2018
Location: UK
Posts: 1,716
|
Lemon Amiga forum hacked!
Hi,
Sorry if this is the wrong place. It seems the Lemon Amiga forum have been hacked and compromised. The admins and moderators might want to be extra vigilant and review the security of this forum too. |
20 August 2020, 17:54 | #2 |
Global Moderator
|
I lock the thread for the time being, given that I don't have any more details about this.
It might be informative though. If Predseda (or someone else from Lemon) has any information about that, please PM me and we will see if there is need for the thread to be open to discussion or not. Of course, any assistance needed we will be happy to provide. Edit: Thread open. I have received details about a sort of spam attack going on on their forums, so I guess some people might want to discuss it. No speculation or other stuff like that please, let's keep the thread as informative as possible. And thanks solarmon for the starting the thread. Last edited by lilalurl; 20 August 2020 at 18:10. |
20 August 2020, 18:15 | #3 |
Registered User
Join Date: Dec 2018
Location: UK
Posts: 1,716
|
From the Lemon Amiga Facebook page:
----- Sad news. The Lemon Amiga forum has been hacked. The hacker can assume any login, even hijacking existing and regular users accounts. There isnt much we can do about this, as the hacker knowns how to access our passwords and bypass things such as locked threads and quarantine systems. The site will most likely go down at some point, due to this, so please be aware this could be the end of our beloved site. Also please do not visit any of the links provided by him, as I would not trust a hack of Doom made by a hacker who thinks its ok to flood forums with 1400 posts a day. If you know of any hackers, please remove their genitals for me, and string them up around their neck. In the meantime, hacking is not cool or clever, and is pure evil, so please dont do it. btw, Happy Birthday Simon Humphrey. ? ------ |
20 August 2020, 19:30 | #4 |
Ex nihilo nihil
Join Date: Oct 2017
Location: CH
Posts: 5,083
|
Do we have to change the lemon user account passwords ? Or is it useless for the moment ?
|
20 August 2020, 23:51 | #5 |
Banned
Join Date: Aug 2005
Location: London / Sydney
Age: 47
Posts: 20,420
|
Not good news
Who bothers to hack an Amiga website / forum; which are very niche??? LAME!!! ...was this "mcm" a real LemonAmiga user; or an account that was hacked / used to spam the forum? |
21 August 2020, 00:01 | #6 |
Registered User
Join Date: Oct 2012
Location: South Shields
Posts: 812
|
There has been 4 or 5 accounts hacked in the last week that i have seen, the first couple actually made posts that were usually negative towards users who had asked questions but now it is just spam. Most of them are accounts with 1 post that were made over 10 years ago so obviously dormant users that used piss poor passwords being brute forced by the looks of it.
|
21 August 2020, 00:46 | #7 | |
Registered User
Join Date: Apr 2017
Location: Cambridge
Posts: 136
|
Quote:
Should they be warning people that if they used the same password or similar passwords on other sites they need to change them pronto? |
|
21 August 2020, 03:18 | #8 | ||
Registered User
Join Date: Nov 2017
Location: Amiga Kingdom
Posts: 368
|
Quote:
As '-Acid-' pointed out, initially it was just troll bait, some of which I fell for. Later it became about marketing. Quote:
The old dormant accounts are unlikely to be updated and are the ones most likely to have a very basic password. I have attached a list of accounts I know to have been hacked (hacker used them all to up-vote the game 'Doom' to the top spot on the website). Last edited by LongLifeA1200; 21 August 2020 at 03:31. Reason: Alphabetized account list. |
||
21 August 2020, 07:59 | #9 |
Registered User
Join Date: Jul 2020
Location: Birmingham, UK
Age: 50
Posts: 218
|
Bastards! Good luck hope you can save the forum.
|
21 August 2020, 08:01 | #10 |
Registered User
Join Date: Oct 2012
Location: Italy
Age: 49
Posts: 2,955
|
What actually hackers want to demonstrate with these kind of actions ?
|
21 August 2020, 08:53 | #11 |
Registered User
Join Date: Nov 2019
Location: Greece
Posts: 992
|
What lamers.
|
21 August 2020, 09:01 | #12 |
Registered User
Join Date: Jan 2007
Location: near Vienna/Austria
Posts: 390
|
Thanks for the info - I know one person on the list - it's a still active user. All to best - hope you can fix the breach.
|
21 August 2020, 10:36 | #14 |
cheeky scoundrel
Join Date: Nov 2004
Location: Spijkenisse/Netherlands
Age: 43
Posts: 7,011
|
|
21 August 2020, 10:58 | #15 |
Registered User
Join Date: Oct 2012
Location: Italy
Age: 49
Posts: 2,955
|
Perhaps you are right gimbal
I strongly believe there's always a motivation behind our actions But in this case i seriously miss the logic |
21 August 2020, 11:11 | #16 | |
old bearded fool
Join Date: Jan 2010
Location: Bangkok
Age: 57
Posts: 780
|
Quote:
|
|
21 August 2020, 11:12 | #17 |
Bug hunter
Join Date: Jul 2006
Location: Italy
Age: 48
Posts: 2,171
|
They probably hope to find users with the same pass used on Lemon for his/her Google account and more... even though we know today Google, PayPal, Microsoft, Banking... all have 2 steps verification!
|
21 August 2020, 12:14 | #18 |
-
Join Date: Jul 2003
Location: Helsinki / Finland
Age: 43
Posts: 9,938
|
|
21 August 2020, 12:26 | #19 |
Registered User
Join Date: Oct 2017
Location: Sunderland, England
Posts: 2,702
|
When you tun a content management system that is 15 years out of date you’re gonna run into trouble like this. Also, nobody should br able to brute force accounts as they should have something like apache modsecurity in place.
Weak passwords or not, something like recapcha would solve the problem. Ultimately though the forum needs a controlled restore and upgrade. |
21 August 2020, 12:36 | #20 |
Banned
Join Date: Aug 2005
Location: London / Sydney
Age: 47
Posts: 20,420
|
What would you know Graeme; do you work in IT Security or something as a profession?
<joking of course, I know you do> |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
amiga magix website is hacked | Retro-Nerd | Amiga scene | 19 | 14 July 2006 03:31 |
The Lemon Amiga forum is Launched | Lemon | News | 13 | 15 July 2004 23:03 |
Amiga.com hacked ! | RCK | Amiga scene | 34 | 29 December 2002 01:01 |
Another Amiga WebPage Hacked | Carlos Ace | Amiga scene | 13 | 11 May 2002 01:21 |
Amiga.org Hacked/Down | Galahad/FLT | Amiga scene | 3 | 24 December 2001 16:35 |
|
|