Jump to content
ColdFusion

InsanelyHacked!

178 posts in this topic

Recommended Posts

Advertisement
The list is there, but have you tried the links?

 

Well, most of them work, but not mine.

 

Hmmm, that's strange. I'll pass it on to ColdFusion.

Share this post


Link to post
Share on other sites

Good thing the InsanelyMac is back up and running again...that was a quick recovery. I'm still a little ticked off that our e-mail adresses are compromised, but so far for me (knock on wood) either I'm not getting any spam to begin with(i.e my email is not sold yet), or Gmail's spam filter is impressively strong and dead accurate...and is filtering perfectly so far. I hope its the first one, because so far I havent received any spam. I hope it stays that way. :hysterical:

 

Any news at all on who(m) was behind all this?

Share this post


Link to post
Share on other sites
The list is there, but have you tried the links?

 

Well, most of them work, but not mine.

 

Ok, blogs are now up and working. :hysterical:

Share this post


Link to post
Share on other sites

i was alarmed a bit by this snippet:

 

"However, if your password is not particularly strong, we recommend you change it to something stronger ASAP. This is because commonly used passwords could be compared against a list of their encrypted versions, so passwords such "hello" are really not a wise choice. We recommend that your password be at least 8 characters long and contain a mixture of letters and numbers."

 

are you seriously saying you guys don't salt hashes? i thought that topic was covered in Forum Administration 101 :)

Share this post


Link to post
Share on other sites

They would use a MD5 hash I believe BUT if your password was hello they can match the hashes, Eg: if you password was 'hello' in the database it would appear as '5d41402abc4b2a76b9719d911017c592' and because hello could be a common pass they could easily match 5d41402abc4b2a76b9719d911017c592 to hello.

Share this post


Link to post
Share on other sites

That would not be possible if the passwords were salted through a random string during encryption, which I'm pretty sure they are!

Share this post


Link to post
Share on other sites
So it appears someone with nothing better to do took it upon themselves to bring down the site for no good reason. They used an Invision PowerBoard exploit which allowed them to gain root access to the database, and after backing it up for their own gratification and future exploitation, they deleted it. I guess this is some people's idea of fun, but the simple fact is: it's a serious crime. So serious in fact, that the investigation has been passed to the UK's Serious Organised Crime Agency (SOCA), and we have been able to provide them with a number of leads thanks to some sterling work from our excellent mods!

 

 

and how we know was not you for example ?

 

not happy about current "income" and decide to sell 80K emails , then let's blame "hackers" ?

 

any prove ?

Share this post


Link to post
Share on other sites
and how we know was not you for example ?

 

not happy about current "income" and decide to sell 80K emails , then let's blame "hackers" ?

 

any prove ?

 

Oh come on, that is some of the worst nonsense I have ever read ;)

Share this post


Link to post
Share on other sites
Oh come on, that is some of the worst nonsense I have ever read ;)

 

and you are "ColdFusion" secretary ?

Share this post


Link to post
Share on other sites

"it's a serious crime?" lol.

So many devs have left here for so many logical reasons ie backstabbing, dishonesty, account-jacking, internal politics. insanelymac has become a not-so-innocent altruistic brotherly organization.

Amazing that this would happen to us? Unwarranted? Im just not sure.

 

Perhaps events like this should be kept in perspective.

 

 

just one members opinion.

Share this post


Link to post
Share on other sites
and how we know was not you for example ?

 

not happy about current "income" and decide to sell 80K emails , then let's blame "hackers" ?

 

any prove ?

there were about 3 hackers {censored}in with the server, it wasnt him.

Share this post


Link to post
Share on other sites
i was alarmed a bit by this snippet:

 

"However, if your password is not particularly strong, we recommend you change it to something stronger ASAP. This is because commonly used passwords could be compared against a list of their encrypted versions, so passwords such "hello" are really not a wise choice. We recommend that your password be at least 8 characters long and contain a mixture of letters and numbers."

 

are you seriously saying you guys don't salt hashes? i thought that topic was covered in Forum Administration 101 ;)

 

 

They would use a MD5 hash I believe BUT if your password was hello they can match the hashes, Eg: if you password was 'hello' in the database it would appear as '5d41402abc4b2a76b9719d911017c592' and because hello could be a common pass they could easily match 5d41402abc4b2a76b9719d911017c592 to hello.

 

Yep that's right, MD5 encryption is used.

 

Can we prove that we didn't hack our own server and sell your email addresses? Yes thanks :)

Share this post


Link to post
Share on other sites
Can we prove that we didn't hack our own server and sell your email addresses? Yes thanks :)

:hysterical: too bad there were like 3 people playing on your server :s

 

 

and too bad you cant figure out who or which ones did it... although i hope you do.

Share this post


Link to post
Share on other sites

ok its good the site's back up but i still want to know, what kind of servers is the site on now? I hope some b-{censored}ing apple quads with 32GB of ram like the one that i just got to use with Final Cut Studio 2 along with my octa core mac pro

Share this post


Link to post
Share on other sites
Can we prove that we didn't hack our own server and sell your email addresses? Yes thanks :P

 

ColdFusion, you don't need to prove anything. It is just plain common sense that it was somebody else.

Share this post


Link to post
Share on other sites
and you are "ColdFusion" secretary ?

 

What if it was you? You say we blame hackers, but you blame a staff member? Nonsense.

Share this post


Link to post
Share on other sites

Good to see everything back...

 

Strangely enough, im in Ozzie land and it seems faster now than before (joined recently, been reading for months), or maybe i'm going insane......ly mac... :(

 

c-ya,

b.t.w. OS x86 on podcast today

search for Aussie Tech Heads in iTunes, or myspace, episode 44.

I'll post in news section.

 

edit: i can't post in news, i'll find somewhere

Share this post


Link to post
Share on other sites
So it appears someone with nothing better to do took it upon themselves to bring down the site for no good reason.

 

Hmm, so that's why there was no more InsanelyMac bookmark icon... ;)

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×