Jump to content

Forum back Online

mark1447

By mark1447,
in Announcements and Feedback

Recommended Posts


Harry

Harry

Posted
Posted
Good to see the forum back up after the hack.

 

Those hackers got nothing better to do, smh!

 

All I can suggest is for everyone to change your email / password, just in case!

 

Not the first time and certainly not the last. The only route I have is to leave vBulletin altogether. That will be the next step.

 

Yes I agree about the credentials. Also, please do not use a commonly used passwords for this site. You shouldn't for any site anyway but always create a separate new password for this website.

Link to comment
Share on other sites
B35 via Church

B35 via Church

Posted
Posted
Forum got hacked from like 2PM until 9PM around.

around 2pm was the last time I checked the forum today.....

 

 

after I signed off earlier this afternoon, I didn't try to sign back on until a couple mins ago.... but right before that, I checked my e-mail & noted one from "anonymous@NYCtransitforums.com"... which I thought was some sort of joke at first, until I sat & thought about what "anonymous" was.... I never opened the e-mail.....

 

then I try to sign on, and I see a shell of a forum.... I checked SC, and see a thread about the board being hacked by anonymous... after I finish skimming through that thread, I came back here, hit refresh, and voila - the forums/subforums is showing....

---------------------

 

 

Out of all the sites in the world to push an agenda & make an example out of, why the **** was NYCTF chosen !?!?!??!

Link to comment
Share on other sites
mark1447

mark1447

Posted
  • Author
Posted
Why would Anonymous care about this forum?

 

Where are you getting your info from (just curious)?

 

Hackers like to pick on SOME websites that have a nice good juice of traffic and other reasons. I've experienced this with my own site years ago. If you got no back up, your fried. Lucky NYCTF has backups.

 

Not the first time and certainly not the last. The only route I have is to leave vBulletin altogether. That will be the next step.

 

Yes I agree about the credentials. Also, please do not use a commonly used password for this site. You shouldn't for any site anyway but always create a separate new password for this website.

 

Yeah this board if pretty outdated, I think VB released a 4.0 over a year ago. Wish you luck!

Link to comment
Share on other sites
SevenEleven Dispatcher

SevenEleven

Posted
Posted
Yeah this board if pretty outdated, I think VB released a 4.0 over a year ago. Wish you luck!

 

Doubt that the site was exploitable because of the forums software itself. Could had been one of the plugins. Being that the hacker(s) were able to create a new email, I think it was more server side.

 

On top of that, there's nothing on vB about any recent exploits in vB3 nor 4. Not saying that a new exploit is possible though.

 

I noticed the "Like" system is absent.

 

Everything's probably been disabled for security reasons.

Link to comment
Share on other sites
peacemak3r

peacemak3r

Posted
Posted
Hackers like to pick on SOME websites that have a nice good juice of traffic and other reasons. I've experienced this with my own site years ago. If you got no back up, your fried. Lucky NYCTF has backups.

 

 

Yeah but Anonymous are known to attack more political type of websites. That's like saying professional bank robbers would occasionally rob a deli just because that deli the deli is so popular.

Link to comment
Share on other sites
Cait Sith

Cait Sith

Posted
Posted
Not the first time and certainly not the last. The only route I have is to leave vBulletin altogether. That will be the next step.

 

Yes I agree about the credentials. Also, please do not use a commonly used passwords for this site. You shouldn't for any site anyway but always create a separate new password for this website.

 

Also, on top of creating new passwords, it would be also wise to change the emails after today just for safety. I've been trying to get the news out to some folks all over today to change their passwords & emails.

Link to comment
Share on other sites
Harry

Harry

Posted
Posted

They were on the look out for websites with a certain SQL vulnerability available to them. I'm deeply saddened to say that this site was one of them.

 

Now about how they found out which sites have this vulnerability I have no idea. But I have an idea how they did it. I just hope I took care of that problem temporarily until I can figure out where to take this site next. Stay tuned.

Link to comment
Share on other sites
RTS CNG Command

RTS CNG Command

Posted
Posted

Hey again! I'm very glad to see this place running again. This forum has so many fantastic people, and it'd be a damn shame to see it go to waste. The fact that these terrorists hacked the NYCTF is just sad, and I love this place too much for it to die like this. Kudos to the staff here for keeping the place up and running (and for having a backup, too! :D).

 

@Harry: One possible forum suggestion (if you want to get out of vBulletin) is the IP.Board. I know three sites that use it in which I'm a member of: SSMB, TTMG, and the MLP Forums. From a member's standpoint, they're very accessible, and they carry some nice features (including the "Like" system, Shoutbox (for TTMG's forum only), and Status Update. Maybe you can use something like that if you desire.

Link to comment
Share on other sites
Den

Den

Posted
Posted

I got the email too and immediately knew the site was hacked by reading what the email said. When I went to the website the redirect to the UK site was in effect.

 

It wasn't the group Anonymous. As this is what they posted on their site. And they find the vulnerable websites by doing a google search and entering in certain strings. once they find a site they use something called SQL Injection.

 

Update March 11th - We've been told that certain web-sites have been altered to redirect traffic here without their consent. This has *not* been done by us, although the person or persons doing it obviously think/s that everyone desperately NEEDS to see this film, and so do we. We believe that if you watch it you will also agree that everyone NEEDS to watch it.

 

We don't know who is doing it, nor have we asked or encouraged anyone to do so.

 

So, please don't get angry with us and please watch the film and share it with everyone you can.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept