About 6G Celicas Being Hacked Options

[Coomer]

Today, around 3:13PM PST, the 6G Celicas forums were hacked. I got several phone calls (thanks guys) letting me know while I was in the middle of my brake upgrade. I confirmed the site had been hacked, and killed the web services running on the server to prevent any more damage. I then waited for my parents to get home, took their car, came up to my apartment where I have fast and reliable internet access, and fixed the problems.

I don't know who did it, where they did it from, why they did it, or exactly how they did it.

I do know that just before the hacker got in, a password recovery request email was sent to me that I did not request. Somehow, a malicious user could get the necessary code to complete the password recovery section, allowing that user to set a new password. In this case, they changed my password, and took the board offline, with a inappropriate message that redirected to a site after a few seconds.

With the help of Invision Power Services, the forum software manufacturer, I got the problem fixed, applied my own security updates, and upgraded the board software to the latest version, which includes critical security updates. This was the first time that 6G Celicas was hacked, and should be the last.

With administrative access, it appears that the only thing the malicious user did was take the board offline. There's no evidence of the user accessing the administrative control panel, or doing any other malicious work to the board.

I know some of you were worried that your password might have been seen by the attacker, but it's impossible for anyone to view any user's password, because they are one-way encrypted using advanced and secure algorithms.

The bottom line is that this shouldn't happen again. I'll keep better tabs on applying those security updates, and in the event that something catastrophic were to happen, I do keep frequent database and full filesystem backups.

Should you notice anything different, suspicious, any errors, etc., PLEASE let me know immediately. I really appreciated everyone's help and concern today, and I'm sorry to the people I was blunt with on AIM, but we made it through this and shouldn't have to go through it again.

Regards,
Christian Coomer

[lagos]

yeah, the message said something along the lines of "g00ns.net F*cking owns you!" and under it, they had their mIRC server info.

server: irc.g00ns.net
channel: #g00ns

I went into their chat after I saw the message and saw the user LaD in there talking smack about our forums. I knew it was just some noob password request "hack". Those guys had to be hacker-wannabes. The guy was like "yea, give me 5 dollars and I'll bring the forum back up". I just mentioned that all of the users go on a secondary board as well just so that he stopped feeling so special.

Thanks for bringing the forum back up... I hate myspace!

go back to that irc chat. look up the ip for this LaD kid, and give it to coomer. then coomer can give it to his isp, and they can block it or contract the cops on this kid.

[laff09]

yeah, the message said something along the lines of "g00ns.net F*cking owns you!" and under it, they had their mIRC server info.

server: irc.g00ns.net
channel: #g00ns

I went into their chat after I saw the message and saw the user LaD in there talking smack about our forums. I knew it was just some noob password request "hack". Those guys had to be hacker-wannabes. The guy was like "yea, give me 5 dollars and I'll bring the forum back up". I just mentioned that all of the users go on a secondary board as well just so that he stopped feeling so special.

Thanks for bringing the forum back up... I hate myspace!

go back to that irc chat. look up the ip for this LaD kid, and give it to coomer. then coomer can give it to his isp, and they can block it or contract the cops on this kid.

mIRC has host encryption available with a simple command