Title: CC Hacked
Lex - March 23, 2008 01:53 AM (GMT)
Hi folks
if you're logged in on the centrecourthavoc.com address, you may need to change to
http://z3.invisionfree.com/Centre_Court/index.php as the main site URL has been hacked
The Admin team has been alerted to this
SuperBRAT - March 23, 2008 01:54 AM (GMT)
Pebs - March 23, 2008 10:56 AM (GMT)
Just an update - please note that the main board itself was not hacked - it was the main index page and appears to have happened to nearly all invision boards - they were all targeted - those of you who read Pitlane or another invision forum would have found the same hackers notice.
Invision themselves are aware and seem to have sorted the problem their end as has Trisco this end :)
Gav - March 23, 2008 11:05 AM (GMT)
| QUOTE (Pebs @ Mar 23 2008, 10:56 AM) |
Just an update - please note that the main board itself was not hacked - it was the main index page and appears to have happened to nearly all invision boards - they were all targeted - those of you who read Pitlane or another invision forum would have found the same hackers notice.
Invision themselves are aware and seem to have sorted the problem their end as has Trisco this end :) |
The main URL (www.centrecourthavoc.com) now comes up with "This domain is not setup for an InvisionFree.com board." I am guessing Trisco may not have dealt with that just yet, so some members may still not be able to log on.
Pebs - March 23, 2008 11:09 AM (GMT)
yeah, Lex just said - I guess I dont have that as my address cos mine worked fine :unsure:
Have just bulked email everyone to use the other address lex put up for now.
trisco - March 23, 2008 01:43 PM (GMT)
I deleted the domain last night and have now just add it again and seems to be working ok... can people confirm this?
Thanks Lex, Gav, Pebs and Tim etc for looking and running with this. :ok:
Gav - March 23, 2008 02:09 PM (GMT)
| QUOTE (trisco @ Mar 23 2008, 01:43 PM) |
| I deleted the domain last night and have now just add it again and seems to be working ok... can people confirm this? |
Works fine for me dude. Cheers Buddy :ok:
Lex - March 23, 2008 10:39 PM (GMT)
yep, it's back up now for me too Trisc :)
jack.hl.ng - March 23, 2008 10:41 PM (GMT)
working for me too now :)
scary stuff last night !
scolios - March 23, 2008 11:31 PM (GMT)
I never log off (!), so I presume that is why I had no problem accessing the board?? Anyway, thanks for the mail with the new link - that got me posting again, so thank you to the hackers, too :blink: :D
mightyjeditribble - March 24, 2008 09:56 PM (GMT)
Do I understand correctly that this hacking only affected access to CC, not that any log-in data was stolen or anything like that? Just checking ...
Pebs - March 24, 2008 10:33 PM (GMT)
| QUOTE (mightyjeditribble @ Mar 24 2008, 09:56 PM) |
| Do I understand correctly that this hacking only affected access to CC, not that any log-in data was stolen or anything like that? Just checking ... |
as far as I am aware - and please excuse my lack of technical jargon - it was literally only the url that was affected - so instead of coming to CC, you were directed to that Hackers page.
It happened to lots of invision boards but nothing else was affected or stolen - I'll get Trisco to double check and confirm.
timmadigan - March 24, 2008 11:29 PM (GMT)
| QUOTE (mightyjeditribble @ Mar 24 2008, 04:56 PM) |
| Do I understand correctly that this hacking only affected access to CC, not that any log-in data was stolen or anything like that? Just checking ... |
What happened is that they hacked one of the domains/dns records on the base invisionfree.com site. This meant that all the domains on invision sites got pointed to the g00n site, but the hackers did not get access to individual invison hosted forums.
They could point the alternate URLs to their site but not the invisionfree.com ones nor get access to the forums themselves.
mightyjeditribble - March 25, 2008 02:35 AM (GMT)
| QUOTE (Pebs @ Mar 24 2008, 11:33 PM) |
| QUOTE (mightyjeditribble @ Mar 24 2008, 09:56 PM) | | Do I understand correctly that this hacking only affected access to CC, not that any log-in data was stolen or anything like that? Just checking ... |
as far as I am aware - and please excuse my lack of technical jargon - it was literally only the url that was affected - so instead of coming to CC, you were directed to that Hackers page.
It happened to lots of invision boards but nothing else was affected or stolen - I'll get Trisco to double check and confirm.
|
What I mean is, they didn't point the main url to a 'fake' page where they then asked for people's login details or something?
trisco - March 25, 2008 09:12 AM (GMT)
| QUOTE (mightyjeditribble @ Mar 25 2008, 02:35 AM) |
| QUOTE (Pebs @ Mar 24 2008, 11:33 PM) | | QUOTE (mightyjeditribble @ Mar 24 2008, 09:56 PM) | | Do I understand correctly that this hacking only affected access to CC, not that any log-in data was stolen or anything like that? Just checking ... |
as far as I am aware - and please excuse my lack of technical jargon - it was literally only the url that was affected - so instead of coming to CC, you were directed to that Hackers page.
It happened to lots of invision boards but nothing else was affected or stolen - I'll get Trisco to double check and confirm.
|
What I mean is, they didn't point the main url to a 'fake' page where they then asked for people's login details or something?
|
No, they pointed the URL to a single page that proudly announced the site had been hacked, didn't ask for any log on details etc and just gave you a link to visit their own lovely forum should you so with to do so... :rolleyes:
laurie - March 25, 2008 12:00 PM (GMT)
I also use Invision to run a forum and site. They are always targeted. They moved their sites last August to a new DNS server to improve security. Clearly that doesn't seem to be working.
Luckily my site wasn't hacked on this ocassion - did happened last August just before Invision tried to improve the situation.
SuperBRAT - March 25, 2008 12:51 PM (GMT)
What Jed says concerns me cos I never get asked for log in details, I am permanently logged in it seems, and when thsi was goin on I was asked fo rmy log in, and it didn't work either :shrug:
Gav - March 25, 2008 02:15 PM (GMT)
| QUOTE (SuperBRAT @ Mar 25 2008, 12:51 PM) |
| What Jed says concerns me cos I never get asked for log in details, I am permanently logged in it seems, and when thsi was goin on I was asked fo rmy log in, and it didn't work either :shrug: |
This wasn't a hack like that. this was a bulk hack over several URL's where the same page was sent out with a message claiming how great he was that he hacked the main page. They didn't take the trouble to copy the main log in page and steal details mainly because they used a progam that scanned invision sites for those that use a seperate URL to point to the invision board and it hacked that pointing site...
If you are logging in automatically each time you come in then I imagine at some point you have clicked on the "remember me" option on the login page, that stores your login details in a file on your PC so whenever you look for www.centrecourthavoc.com it logs in using that file.
Perhaps what happened when the hacked page was up was this......At that point to get onto the forum everyone had to use the alternate DIRECT invision address and your PC would not have recognised that as the normal CentreCourt URL so it would not have bothered to retreive your login details from the file so you would have had to login yourself. If that makes sense. Why the details you entered didn't work is another question I have no theory for.
SuperBRAT - March 25, 2008 10:54 PM (GMT)
| QUOTE (Gav @ Mar 25 2008, 02:15 PM) |
| QUOTE (SuperBRAT @ Mar 25 2008, 12:51 PM) | | What Jed says concerns me cos I never get asked for log in details, I am permanently logged in it seems, and when thsi was goin on I was asked fo rmy log in, and it didn't work either :shrug: |
This wasn't a hack like that. this was a bulk hack over several URL's where the same page was sent out with a message claiming how great he was that he hacked the main page. They didn't take the trouble to copy the main log in page and steal details mainly because they used a progam that scanned invision sites for those that use a seperate URL to point to the invision board and it hacked that pointing site...
If you are logging in automatically each time you come in then I imagine at some point you have clicked on the "remember me" option on the login page, that stores your login details in a file on your PC so whenever you look for www.centrecourthavoc.com it logs in using that file.
Perhaps what happened when the hacked page was up was this......At that point to get onto the forum everyone had to use the alternate DIRECT invision address and your PC would not have recognised that as the normal CentreCourt URL so it would not have bothered to retreive your login details from the file so you would have had to login yourself. If that makes sense. Why the details you entered didn't work is another question I have no theory for.
|
Oh right, cheers :ok: It was just unusual for me that's all.