AAO has been hacked

Unas
Admin / Site programmer
Posts: 8850
Joined: Tue Jul 10, 2007 4:43 pm
Gender: Male
Spoken languages: Français, English, Español

AAO has been hacked

Post by Unas »

Hi everyone,

I've got quite bad news here. It's exactly what the title says: I've just discovered that AAO has been hacked in the past few months.

tl;dr
See the "Action required" part below if you don't care about the details.

What happened
More precisely, my FTP access to AAO's file server was obtained by a bruteforce attack, apparently originating from China, and used to hide spam links in hidden parts of the site.
This is not too much of a problem, since the files stored there include no personal data - only the site and forum scripts, which I'm currently checking for malicious edits but seem fine, and the trial resource files.

All your sensitive data (email, password, etc.) is stored on a different server - which does not seem to have been attacked. Thankfully, its entry point is a little hidden...
However, I can't be positive that no-one accessed it - and in fact, it's very possible that they did, if they were clever enough. Your password may have been compromised.
Passwords are only stored as "hashes" in AAO's database - meaning that the real password should not be deducible from the database contents. But "should" is not what I consider a high enough standard in terms of security...

Anyway, I have discussed the matter with my host, and we have changed all my accesses, fixed the bug that made the bruteforce attack possible - and additionally brought the security a few levels higher. We're safe again for a while - at least until I get the time to take care of the "2nd part" of the move that I had mentioned in the previous announcement, and set up my own security systems.

However, even though your data should be fine, one is better safe than sorry.
So here are a few things you should do to make sure there's no risk.

Action required
  • First, you should change your password on AAO.
  • Second, if you used the same password for your email address, you must change it there too.
    Indeed, your email address is stored in the database: attackers may have had access to both it and your AAO password. If your AAO password is the same as for the email, you get the idea...
  • If you used the same email address and the same password to register on other websites, you should change it there too, to be perfectly safe.
I'm really sorry for the inconvenience - it will (hopefully) not happen again. :|
If knowledge can create problems, it is not through ignorance that we can solve them.
Si le savoir peut créer des problèmes, ce n'est pas l'ignorance qui les résoudra. ( Isaac Asimov )
Broocevelt
Moderator
Posts: 7319
Joined: Fri Sep 11, 2009 6:06 pm
Gender: Female
Spoken languages: ES/FR/EN/DE
Location: Spain

Re: AAO was hacked

Post by Broocevelt »

Alright, to change the password... Nothing else to change, right?

What was it, a security breach? Or as you said they just attacked over and over until they got to enter the database?
Phantom

Re: AAO was hacked

Post by Phantom »

^Sounded like both.
Unas
Admin / Site programmer
Posts: 8850
Joined: Tue Jul 10, 2007 4:43 pm
Gender: Male
Spoken languages: Français, English, Español

Re: AAO was hacked

Post by Unas »

Changing the password should be enough. ;-)

As for your question, it was both: they just attacked over and over until they found the right password - but we had things set to prevent that: basically, banning connections after a few failed login attempts, to make them lose a lot of time (making this brute force strategy unreasonable as it'd have lasted for dozens of years). This banning system failed without any warning, so they were able to deploy a full scale brute force attack and get in.

However, as I said, what they accessed is the file server - I have no evidence of them entering the database. It is just a possibility - and a possibility is enough to take action ;-)
If knowledge can create problems, it is not through ignorance that we can solve them.
Si le savoir peut créer des problèmes, ce n'est pas l'ignorance qui les résoudra. ( Isaac Asimov )
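
The failure described in the post above, a lockout that silently stopped banning, can be detected from the authentication log itself. The following is an added example, not part of the original thread or of AAO's code: it replays a log and reports any source address whose login attempts were still being processed after it had exceeded the failure threshold. The log format, thresholds and sample lines are constructed assumptions, and it assumes a working ban refuses connections before they reach this log.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample (hypothetical format: "<ISO time> <ip> <user> <FAIL|OK>").
SAMPLE_LOG = """\
2000-01-01T03:00:00 203.0.113.7 admin FAIL
2000-01-01T03:00:02 203.0.113.7 admin FAIL
2000-01-01T03:00:04 203.0.113.7 admin FAIL
2000-01-01T03:00:06 203.0.113.7 admin FAIL
2000-01-01T03:00:08 203.0.113.7 admin FAIL
2000-01-01T03:00:10 203.0.113.7 admin FAIL
2000-01-01T03:00:12 203.0.113.7 admin OK
2000-01-01T09:15:00 198.51.100.20 admin FAIL
2000-01-01T09:15:30 198.51.100.20 admin OK
"""


def audit_lockout(log_text, max_failures=5, window=timedelta(minutes=10),
                  ban=timedelta(hours=1)):
    """Return {ip: {"past_ban": n, "success_past_ban": bool}} for addresses
    whose attempts were processed while a ban should have been active."""
    failures = defaultdict(list)  # ip -> failure times inside the window
    banned_until = {}             # ip -> when the expected ban would end
    findings = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("FAIL", "OK"):
            continue              # skip malformed lines
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        ip, result = parts[1], parts[3]
        if ip in banned_until and ts < banned_until[ip]:
            # The server evaluated a login it should have refused outright.
            f = findings.setdefault(ip, {"past_ban": 0, "success_past_ban": False})
            f["past_ban"] += 1
            f["success_past_ban"] |= (result == "OK")
            continue
        if result == "FAIL":
            failures[ip] = [t for t in failures[ip] if ts - t <= window] + [ts]
            if len(failures[ip]) >= max_failures:
                banned_until[ip] = ts + ban
        else:
            failures[ip].clear()  # a normal success resets the counter
    return findings


if __name__ == "__main__":
    print(audit_lockout(SAMPLE_LOG))
```

Run on a schedule against the real log, any non-empty result means the ban mechanism is not being enforced; an entry with `success_past_ban` set means a login succeeded during that gap.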
Bad Player
Posts: 7228
Joined: Wed May 20, 2009 10:53 pm
Gender: Male
Spoken languages: American
Location: Under a bridge

Re: AAO has been hacked

Post by Bad Player »

Jeez, first EM, and now here. (...Although I suppose chronologically, here was first.)

Well, wasn't as bad as the PSN attacks, right? :P

Anyway, changed my password. Darn, I liked it.... xD
Meph
Posts: 13439
Joined: Mon Nov 10, 2008 10:07 pm
Gender: Male
Spoken languages: English
Location: Probably Disneyland Paris... or the UK

Re: AAO has been hacked

Post by Meph »

This most likely isn't as bad as it could be. It appears that they've only hacked to upload a spam document. However, we're not taking any chances.
Unas
Admin / Site programmer
Posts: 8850
Joined: Tue Jul 10, 2007 4:43 pm
Gender: Male
Spoken languages: Français, English, Español

Re: AAO has been hacked

Post by Unas »

Bad Player wrote: Well, wasn't as bad as the PSN attacks, right? :P
Well, unless you store your credit card information somewhere on AAO, it isn't as bad. (=3)
(And if you do, you can only blame yourself :XD: )
If knowledge can create problems, it is not through ignorance that we can solve them.
Si le savoir peut créer des problèmes, ce n'est pas l'ignorance qui les résoudra. ( Isaac Asimov )
Holhol
Posts: 2821
Joined: Sun Jan 09, 2011 8:20 am
Gender: Male
Spoken languages: English
Location: United States

Re: AAO has been hacked

Post by Holhol »

This is the type of thing that should be put on the announcements of all forums, because hardly anybody visits this...
~Danielinhoni is the bestest friend anybody could ask for~

▬▬▬▬▬▬▬▬▬▬▬ஜ۩۞۩ஜ▬▬▬▬▬▬▬▬▬▬­▬▬▬

TKinhonipei is my soulmate ~<3

▬▬▬▬▬▬▬▬▬▬▬ஜ۩۞۩ஜ▬▬▬▬▬▬▬▬▬▬▬▬▬
Liquid Snake wrote:Snake, did you like my sunglasses?
lazyplague
Posts: 2430
Joined: Sun Oct 10, 2010 4:24 pm
Gender: Female
Spoken languages: English
Location: Hell. Gay Hell, to be exact.

Re: AAO has been hacked

Post by lazyplague »

Darn. What's the point of hacking even?
It's just an annoying little thing that takes a while to fix.

Changed my Pass.
I haven't changed my E-mail on here for a while.
And since I have a new one I'm safe.
Singidava
Posts: 1621
Joined: Fri Jul 23, 2010 6:56 pm
Gender: Female
Spoken languages: Suomi, English & 日本語
Location: Finland

Re: AAO has been hacked

Post by Singidava »

Wow, who'd even bother bruteforcing AAO? That must've taken quite a while! Kinda random... Well, hackers usually are.

Pro tip to haxxorz: Identity crimes via Facebook profit more. That thing is one huge security hole... ;)
KratoX
Posts: 8976
Joined: Sun Jul 25, 2010 7:35 pm
Gender: Male
Spoken languages: Français - Anglais
Location: ... Désormais au travail Q.Q

Re: AAO has been hacked

Post by KratoX »

Wow oO
Well, thanks for warning us, I'm gonna change my password soon
Sheikor
Posts: 5386
Joined: Wed Feb 25, 2009 2:34 pm
Gender: Male
Spoken languages: Français, English, Español, een beetje Nederlands
Location: Quelque part en Belgique, dans l'Europe, sur la Terre.

Re: AAO has been hacked

Post by Sheikor »

Well, glad to see it's not worse.
Hopefully, that was indeed totally random, simply saw that many people visited the site, hacked it to hide spam and annoy people, and nothing else.
I think I can assume that without taking any risks, but I still changed my password, just to be sure...
Anyway, thanks for warning us, and doing everything you can to fix this, Unas! I hope it won't be too much of a problem. AAO really is in very good hands with you ^^ -Never doubt it, but I think it should be underlined, since it's not said very often x)-

Oh! As you can see, the information has been posted on the French section... I don't know if you were going to warn us in French, but I guess most of us are already warned. Don't bother if you have other things to deal with ^^
Zynet0 killed the Tivi0 Star 3DS: 3754 - 7667 - 8568
KratoX
Posts: 8976
Joined: Sun Jul 25, 2010 7:35 pm
Gender: Male
Spoken languages: Français - Anglais
Location: ... Désormais au travail Q.Q

Re: AAO has been hacked

Post by KratoX »

Well, I think it can't be dangerous, I didn't post any personal data,
But I don't think I read it, is there a possibility they attacked our Trials?

And yes, please warn the French section, we already know but it can only be good for us ^^
Kroki
Admin
Posts: 7475
Joined: Fri Nov 23, 2007 10:05 pm
Spoken languages: Français, English, Español, 日本語

Re: AAO has been hacked

Post by Kroki »

Well, assuming this is a thinking entity, I do believe it has not really any concern about the trials. Of course everything can happen but you can still use backups or server-saves.
KratoX
Posts: 8976
Joined: Sun Jul 25, 2010 7:35 pm
Gender: Male
Spoken languages: Français - Anglais
Location: ... Désormais au travail Q.Q

Re: AAO has been hacked

Post by KratoX »

Well, I thought maybe he could erase the Trials just for fun, I don't know why he'd even hack a forum like AAO anyway x)
But Unas is taking care of it, and I think that's enough to be confident ^^
Locked