XS Hacked

[FUGGER]

Doing forensics and cleanup before restore.

 

Down for the day to patch.

[Don_Dan]

Thanks for the heads-up, Charles.

[M.Beier]

Doing forensics and cleanup before restore.

 

Down for the day to patch.

 

Good luck Charlie.

[Apfelkuchen]

I was really worried there, I hope you didn't loose anything.

 

But why would anyone target a site like this? It just doesn't make sense to me, since tech people aren't usually those who use one password for everything, so even getting all the user data wouldn't do much good.

Are forums just easy prey? Or is someone salty after being banned?

[FUGGER]

Just an update,

 

I am without my main server until the FBI returns it in a few days, I will put the backup server online. Its a bit older data but at least the site will be online.

 

It appears the vulnerability was with the vbulletin software, using javascripts.

 

It took the hackers 5 minutes of scripts to complete, the scripts were precise to extracting user data and delete all tracks including data.

 

Change your passwords to be safe if you use the same passwords across many sites.

[Gunslinger]

Did they show "intent" or maybe it was just ignorance that they hacked you. I can see the FBI letting them off the hook just like Hillary.

[websmile]

Not sure, Mike, in germany we say, the small gangsters get hung, the big ones get away with everything^^ - maybe they kick some teenagers a***s

[Kal-EL]

Hope they getter dun.

[Strong Island]

Just an update,

 

I am without my main server until the FBI returns it in a few days, I will put the backup server online. Its a bit older data but at least the site will be online.

 

It appears the vulnerability was with the vbulletin software, using javascripts.

 

It took the hackers 5 minutes of scripts to complete, the scripts were precise to extracting user data and delete all tracks including data.

 

Change your passwords to be safe if you use the same passwords across many sites.

 

crazy stuff, thanks for the heads up, sorry it happened to you

[FUGGER]

The main purpose to this was to get passwords, emails, IP and username fields only. They launched a .js once they had access and were done in 5 minutes.

 

Wife losing her phone was 100x more stressful for me.

 

It was not someone who disliked or knew XS, it was for the data and covering tracks.

[M.Beier]

Crap... FUGGER, is my profile deleted, and if not, can I get the password sent somehow? Want to make sure I don't use same other places.

[techjesse]

Thanks Fugger, I use a diff password on everything, safety first. When your up and running I'll change it. TJ

[l0ud_sil3nc3]

And here I thought you just threw the server on the cascade and started benching

[frupoli]

Hi, how is situation now? Are there any forecasts ...? Will Xtremesystems be back in some days or longer?

 

I have all my projects uploaded on your great forum, don't want to loose them!

 

Thanks.

[FUGGER]

I am restored and putting stuff back in place, a complete server rebuild with patching.

 

I fixed the UDF8 encoding as well.

 

Vbulletin forums themselves were also hacked by the same guys the same week along with a long list of other vb sites.

[Oj0]

w00t w00t for the encoding fix!

[frupoli]

I am restored and putting stuff back in place, a complete server rebuild with patching.

 

I fixed the UDF8 encoding as well.

 

Vbulletin forums themselves were also hacked by the same guys the same week along with a long list of other vb sites.

 

Saw the forum on, contents are not yes online. Will you please send us an advert when ready? And hope restore will proceed without problems! Thanks.

:-)

[xpower]

just joined and best wishes @ FUGGER

XS long live....!

Edited July 21, 2016 by xpower

[FUGGER]

XS is up, work still in progress

[Apfelkuchen]

Great to see it working again