Guest aderon Posted March 5, 2007 Posted March 5, 2007 (edited) Als ich gestern (sehr früh, ich schätze gegen 08.00 Uhr) die Webseite des DVB-Viewers ansurfte, erschien eine Seite, die sinngemäß aussagte "xyz OWNS YOU. THIS SITE WAS HACKED! VISIT XYZZZZZ.COM". Andere Seiten waren nicht abrufbar. Meine Frage daher: ist die SQL-Datenbank betroffen gewesen oder nur der http-Server? Sind also die Passwörter und/oder Benutzerdaten in die Händen Dritter gelangt? Eine öffentliche Stellungnahme zur Klärung dieses Sachverhaltes wäre hier wohl angebracht. MfG, aderon ============== in (my;) english ============== Yesterday morning i surfed (about 8met) on DVBViewer.info and got another start page which said: "xyz OWNS YOU. THIS SITE WAS HACKED! VISIT XYZZZZZ.COM". Other sites were not reachable. So i ask you if the sql-server was hacked or only the http-server? What about our personal data? Had or have a third party access to that or other data? I hope that your answer might be public to clarify this subject. Greetings, aderon Edited March 5, 2007 by aderon Quote
hackbart Posted March 5, 2007 Posted March 5, 2007 First of all: DONT PANIC. Neither the official server was hacked, nor the server which hosts the Forum. As you might recognized both are running on different machines in even different parts of the world (the main one in the United States, the forum one in Germany). So in any cases it is quite sure and we always have a backup solution. Now to the forum hack. It seems to be that one "smartass" used a script available on one of those security hacking sites, searched in google for websites running this board version and attacked all of them. The result was that he deleted some moderator accounts, erased posts and added multiple "club_owner99 f*cking owns you" and "underground-security.com owns you" texts on the main site. This can be done if you turn the board offline as some kind of offline message. Well what he honestly forgot (and what will alight his feet) is the fact that he forgot to erase the log files which show what he done and with which ip he did it. What i did yesterday was updating the board version to the latest available one, restoring the accounts and the mess club_owner99 did here, plus an investigation. So I apologize that somebody might got panic and thanks for the sympathy i got via email yesterday. Christian Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.