WINM Forums :: News & Announcements :: Site hacked (it's okay now!)

Site hacked (it's okay now!)
Anakin McFly
2014-05-03 21:02

ADMIN

Forum Posts: 3072
Comments: 402
Reviews: 1
WINM got hacked, and the hacker made a post here under my account.

I'm trying to work out how they got in.

becauseichooseto22
2014-05-03 21:47


Forum Posts: 132
Comments: 2
Reviews: 0
What does that mean now?
LucaM
2014-05-03 22:13


Forum Posts: 4816
Comments: 381
Reviews: 13
huh?
Anakin McFly
2014-05-03 23:03

ADMIN

Forum Posts: 3072
Comments: 402
Reviews: 1
argh I did not make that original post. Just edited it.

I don't think they'll be back, but just in case I've backed up the site. I'll go through the code soon and try to close all the possible vulnerabilities.

Mosi.Pro2014-05-04 02:09


Forum Posts: 1
Comments: 0
Reviews: 0
Sorry For Hack
Your Security Very Low :-??

SaneSun
2014-05-04 03:02


Forum Posts: 201
Comments: 28
Reviews: 0
Did he get a look at the passwords? Do we need to change them?

Good luck.

Bliss
2014-05-04 04:33


Forum Posts: 146
Comments: 7
Reviews: 0
Sorry to hear that, Anakin!!

Why people do stuff like that is beyond me and it's stressful to experience. *=o(

Anakin McFly
2014-05-04 08:16

ADMIN

Forum Posts: 3072
Comments: 402
Reviews: 1
Hi- yeah, the security is pretty low here, because there's no sensitive information.
Which way did you get in, though?
2014-05-04 08:56
[ Post deleted by poster ]
MmeRenard
2014-05-04 10:08


Forum Posts: 1101
Comments: 48
Reviews: 0
And no answer, charming. Why? I guess someone was having a dull day?
Anakin McFly
2014-05-05 11:22

ADMIN

Forum Posts: 3072
Comments: 402
Reviews: 1
@SaneSun - there shouldn't be a need; the passwords are all encrypted, and this site isn't worth the trouble of trying to crack the codes.
axie
2014-05-06 00:24


Forum Posts: 345
Comments: 10
Reviews: 0
Ani - are you sure they didn't go directly after you? It may mean you need to change all of your passwords and run several scans on your system and phone.

Now why anyone would want to hack this site directly is beyond me, but someone getting into your system and getting all your passwords to then mess with you here, makes sense. Either way, keep us up to date.

Anakin McFly
2014-05-06 22:11

ADMIN

Forum Posts: 3072
Comments: 402
Reviews: 1
@axie - Nah, I highly doubt it was personal. They're Iranian, for one, and the group name pops up on various hacking websites.


Now why anyone would want to hack this site directly is beyond me

It's likely it's just one of many sites they mass-surveyed for security loopholes. This site (practically any site that's indexed by Google, I think) already gets bombarded by dozens of automated hacking or spamming attempts a day, but the basic security keeps the bulk of them out. But every now and then one puts in a bit more effort and gets through.

I've since found two somewhat glaring security loopholes and patched those up - one was left over from when I was recently updating the code and basically forgot to clean up properly after I was done. It's quite possible there are more; I've been optimising code bit by bit over the past few weeks, so hopefully when I'm done the site will be more secure than it currently is.

axie
2014-05-07 00:02


Forum Posts: 345
Comments: 10
Reviews: 0

I've since found two somewhat glaring security loopholes and patched those up - one was left over from when I was recently updating the code and basically forgot to clean up properly after I was done. It's quite possible there are more; I've been optimising code bit by bit over the past few weeks, so hopefully when I'm done the site will be more secure than it currently is.

Personal was probably the wrong term, more like attack on your system. But you found the security glitch. There was a huge one with IE [haven't used IE in forever] the info on it came out over the weekend. Anyone using IE on here should be sure to update their windows, there is a security patch that came down for it. Better if you just dump IE [for anyone using it] and use Firefox or Chrome. I personally prefer Chrome since I keep too many tabs open, work with large image files and it has no lag. Firefox hasn't worked for my needs in years.

Freya
2014-05-13 14:05


Forum Posts: 771
Comments: 3
Reviews: 0
I hope that everything is well now. I think that my account was hacked some years ago (once or maybe more times). I found strange information and the other disappeared. Internet is lovely way of communication as it is quick and goes long distances but there are also some hoax.
Freya
2014-06-29 20:43


Forum Posts: 771
Comments: 3
Reviews: 0
When clicking 'add replay' I am automatically logged out and then I have to log in again - is it a new version of posting here?
Anakin McFly
2014-06-29 22:38

ADMIN

Forum Posts: 3072
Comments: 402
Reviews: 1
Yeah, that problem cropped up again. I think it's because I ended up overwriting a file somewhere with an older version from before I fixed the problem. The problem is I can't remember what exactly changed. :/

I'll look into it!

Freya
2014-06-29 23:08


Forum Posts: 771
Comments: 3
Reviews: 0
Thank you for info - it means that it is nothing unusual.
Anakin McFly
2014-06-30 21:33

ADMIN

Forum Posts: 3072
Comments: 402
Reviews: 1
Did you select the box that keeps you logged in for a month? I'm trying to figure out if the problem is with the regular sessions or with the site cookies.
MmeRenard
2014-09-26 02:31


Forum Posts: 1101
Comments: 48
Reviews: 0
deleted because it's unnecessary. thank you, Anakin.




You must be registered and logged in to post on the forums.