GSC has been hacked
J. M. Pescado:
This looks like the typical soft case, following the MO of all previous TSR-linked hackings: Compromise to specific user's password followed by application-level vandalism on multiple connected sites. It's not very sophisticated and demonstrates little foresight, planning, or skill.
Johan:
How are they linked to TSR?
Have Witchboy and/or Scotty used the same password as an account on TSR and that password hasn't changed in a year or so?
Maybe Scotty could try and dig out the IP address from the server log to see if it matches the one used to "hack" Witchboys account?
The user agent string could also be interesting to compare (though i think our "hacker" have learned to hide it by now).
This really should go without saying but just for the record, TSR don't "hack" or in other ways mess up other websites.
We don't feel we need to destroy things, there's plenty of space out there :)
J. M. Pescado:
Quote from: Johan on 2010 January 11, 13:06:40
This really should go without saying but just for the record, TSR don't "hack" or in other ways mess up other websites.
We don't feel we need to destroy things, there's plenty of space out there :)
Well, YOU probably don't. But like I've mentioned to you in the past, you've got at least one rogue operator, and you never caught him. Given that the rogue operator responsible for the initial leak was never actually caught, it is reasonable to believe he remains at large and continues to supply the person(s) responsible, even if he isn't specifically that person.
Witchboy:
Quote from: Johan on 2010 January 11, 13:06:40
How are they linked to TSR?
Have Witchboy and/or Scotty used the same password as an account on TSR and that password hasn't changed in a year or so?
Maybe Scotty could try and dig out the IP address from the server log to see if it matches the one used to "hack" Witchboys account?
The user agent string could also be interesting to compare (though i think our "hacker" have learned to hide it by now).
This really should go without saying but just for the record, TSR don't "hack" or in other ways mess up other websites.
We don't feel we need to destroy things, there's plenty of space out there :)
No, Scotty & i both don't use the same password or even the same accounts anywhere let alone TSR. The IP used to hack into both GSC & SV was thru a proxy server.
Screenshot courtesy of Coconut.
Johan:
Quote from: J. M. Pescado on 2010 January 11, 13:38:28
Well, YOU probably don't. But like I've mentioned to you in the past, you've got at least one rogue operator, and you never caught him. Given that the rogue operator responsible for the initial leak was never actually caught, it is reasonable to believe he remains at large and continues to supply the person(s) responsible, even if he isn't specifically that person.
IF there is a rogue operator somewhere within TSR then i would certainly want him/her caught. If Witchboy or Scotty have any more detail about this i would like to know.
A good start would be to find out if they have used a password that has also been used on TSR.
We changed to hashed passwords about a year ago so even if someone with database access (that is one of the 5 owners me included) would be a rouge operator all he could supply is a password that needs to be brute forced.
If you by initial leak refer to the Buggybooz incident i have also told you before that i think that was someone on your side given the actual evidence we had.
Since we repeatedly get the blame for stuff like this i would like to help investigate this.
Navigation
[0] Message Index
[#] Next page
[*] Previous page