Forum Home
    • Register
    • Login
    • Search
    • Recent
    • Tags
    • Popular

    Did the website get hacked?

    Off-Topic
    10
    18
    3079
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Ruthie last edited by

      Yes, we were for a while, Bush and Ghostlander looking into it as I type.

      1 Reply Last reply Reply Quote 0
      • G
        ghitzafunny last edited by

        Here is a print screen :P

        [attachment deleted by admin]

        1 Reply Last reply Reply Quote 0
        • T
          thisaznboi88 last edited by

          [quote name=“chrisj” post=“53476” timestamp=“1390171722”]
          I will find out what happened. It might just be a simple error or a DDoS, in which case there would be no cause for alarm.

          Also you should check out password managers, I use this one https://lastpass.com/
          [/quote]

          thanks for sharing ;D

          1 Reply Last reply Reply Quote 0
          • I
            ibitcoinblog last edited by

            I posted a notice on my blog just in case users who aren’t very active on the forums are aware.

            1 Reply Last reply Reply Quote 0
            • I
              ibitcoinblog last edited by

              I had changed my password following the recent hack on here added a security question etc, shortly after I was logged out and the password I had changed to no longer worked. Forcing me to change my password yet again to be able to log in regardless of just changing it and logging in.

              Any information on this? As now I can see there is no available staff, moderators, or admins on the site logged in at all.
              I’m starting to check every account associated with my email on this website to make sure nothing else was compromised, will give an update shortly.

              1 Reply Last reply Reply Quote 0
              • R
                Ruthie last edited by

                Hey, I’ll mention it to Bush

                1 Reply Last reply Reply Quote 0
                • D
                  DARKANGEL6415 Regular Member last edited by

                  my went to website maint then i clicked refresh 2 days later and was back in here just fine. I just notice i do not see a chatbox option and i miss that. I am really not concered as far as the password goes as it only goes for a porn website lol so they can enjoy IF it was hacked lol :P

                  1 Reply Last reply Reply Quote 0
                  • K
                    Kevlar Spammer last edited by

                    [quote name=“DARKANGEL6415” post=“54339” timestamp=“1390490499”]
                    my went to website maint then i clicked refresh 2 days later and was back in here just fine. I just notice i do not see a chatbox option and i miss that. I am really not concered as far as the password goes as it only goes for a porn website lol so they can enjoy IF it was hacked lol :P
                    [/quote]

                    The website was hacked, the database is being sold online, no one has been forced to change their passwords, and the forum was downgraded because PHP makes security REALLY hard to do correctly.

                    Suffice to say, the news isn’t good.

                    1 Reply Last reply Reply Quote 0
                    • C
                      chrisj Regular Member last edited by

                      [quote name=“Kevlar” post=“54341” timestamp=“1390490692”]
                      [quote author=DARKANGEL6415 link=topic=7028.msg54339#msg54339 date=1390490499]
                      my went to website maint then i clicked refresh 2 days later and was back in here just fine. I just notice i do not see a chatbox option and i miss that. I am really not concered as far as the password goes as it only goes for a porn website lol so they can enjoy IF it was hacked lol :P
                      [/quote]

                      The website was hacked, the database is being sold online, no one has been forced to change their passwords, and the forum was downgraded because PHP makes security REALLY hard to do correctly.

                      Suffice to say, the news isn’t good.
                      [/quote]

                      We have a Change Password thread http://forum.feathercoin.com/index.php/topic,7031.msg53495.html#msg53495

                      As far as I understand attackers can’t just log in using the database entries without bruteforcing the passwords.

                      1 Reply Last reply Reply Quote 0
                      • P
                        padda last edited by

                        as long as they wasn’t using md5 i think most of the password should be safe from decryption.

                        1 Reply Last reply Reply Quote 0
                        • K
                          Kevlar Spammer last edited by

                          [quote name=“chrisj” post=“54348” timestamp=“1390492214”]
                          [quote author=Kevlar link=topic=7028.msg54341#msg54341 date=1390490692]
                          [quote author=DARKANGEL6415 link=topic=7028.msg54339#msg54339 date=1390490499]
                          my went to website maint then i clicked refresh 2 days later and was back in here just fine. I just notice i do not see a chatbox option and i miss that. I am really not concered as far as the password goes as it only goes for a porn website lol so they can enjoy IF it was hacked lol :P
                          [/quote]

                          The website was hacked, the database is being sold online, no one has been forced to change their passwords, and the forum was downgraded because PHP makes security REALLY hard to do correctly.

                          Suffice to say, the news isn’t good.
                          [/quote]

                          We have a Change Password thread http://forum.feathercoin.com/index.php/topic,7031.msg53495.html#msg53495

                          As far as I understand attackers can’t just log in using the database entries without bruteforcing the passwords.
                          [/quote]

                          Since the database is now available offline, brute forcing can happen offline, in a distributed environment, unchecked. Weak passwords will crumble in seconds, stronger passwords will take a while, but ultimately all are vulnerable.

                          GPU Cracking makes this trivial.

                          For 8 characters of ASCII non-control characters, that’s 1,235,736,291,547,681 possibilities. On a CPU, doing a sha256() of that would take about 195 years. On a GPU, 3.4 days.

                          You know those GPU mining farms? What do you think they would be REALLY well suited for?

                          You want to really worry? Three words for you: salted rainbow tables.

                          1 Reply Last reply Reply Quote 0
                          • D
                            DARKANGEL6415 Regular Member last edited by

                            lol

                            1 Reply Last reply Reply Quote 0
                            • K
                              Kevlar Spammer last edited by

                              I just looked at the code… you know what the salt for the password is?

                              The username. It’s right there in the database. You know, the same one with your password in it.

                              1 Reply Last reply Reply Quote 0
                              • wrapper
                                wrapper Moderators last edited by

                                Good job I changed my user name?

                                1 Reply Last reply Reply Quote 0
                                • K
                                  Kevlar Spammer last edited by

                                  [quote name=“wrapper” post=“54476” timestamp=“1390518039”]
                                  Good job I changed my user name?
                                  [/quote]

                                  Well I…

                                  Yes, actually. Since you did that, you don’t need to change your password. ???

                                  1 Reply Last reply Reply Quote 0
                                  • M
                                    mirrax last edited by

                                    [quote name=“chrisj” post=“53476” timestamp=“1390171722”]
                                    I will find out what happened. It might just be a simple error or a DDoS, in which case there would be no cause for alarm.

                                    Also you should check out password managers, I use this one https://lastpass.com/
                                    [/quote]

                                    Nice!
                                    I use this one, it has primitive GUI, is slow as f*** but overall works pretty well:
                                    [img]http://www.publicdomainpictures.net/pictures/20000/nahled/pencil-and-paper.jpg[/img]

                                    1 Reply Last reply Reply Quote 0
                                    • First post
                                      Last post