[Forum] Security Breach Detected

Read me first before posting anywhere!
Forum rules
READ NOW: L2j Forums Rules of Conduct
Post Reply
User avatar
ThePhoenixBird
L2j Inner Circle
L2j Inner Circle
Posts: 1857
Joined: Fri May 27, 2005 5:11 pm

[Forum] Security Breach Detected

Post by ThePhoenixBird »

BEFORE READING THIS, GO CHANGE YOUR PASSWORD NOW!!!

Image
On the past days we have been doing a heavy duty emergency maintenance on forums and server, the reason of this emergency was that it was detected a malicious script injected into our forum core files, somehow a partially-unknown attacker used a vulnerability in our forum software (3.0.5 at the moment of the attack) and placed this script, so far we know all our users passwords have been compromised. In order to restore the security in our server and forums we taked down the forums and made a check of the uploaded files, deleted all the old forum files and upgraded the forum to the lastest version (3.0.7-PL1), we also made a full check of our custom themes and updated those to match the lastest version of Prosilver series. Also the software and OS running in our server was updated as well.

We apologize for any inconvenient caused to our users due this incident, we are currently investigating and we have some clues of who was the attacker, but for now, we will not publish that information in order to keep investigating. An attacker with enought time, skills and horsepower can crack password hashes with rainbow tables, passwords with less than 6 characters can be cracked in just a couple of minutes, we suggest to all our users to use a secure password with more than 8 characters and use UPPERCASE, lowercase, Numb3rs and $pecial Characters to increase your password security.

In order to ensure everyone safety we have issued a FORCED PASSWORD UPDATE for everyone, so once you login to the forums you will be asked to change your password, if you dont, you cant keep browing the forum with your account.

Again we ask for apologizes for any trouble caused.

Additional Notes:
We are moving to a new box in a few days, if you see the forum closed again its because we are doing the move.

Update: Forums have been already moved, enjoy the new box.
User avatar
qwerty13
Posts: 640
Joined: Mon Feb 02, 2009 9:57 am
Location: Europe
Contact:

Re: [Forum] Security Breach Detected

Post by qwerty13 »

Welcome back. :)
User avatar
kuriku
Posts: 65
Joined: Sun Jan 03, 2010 7:58 am

Re: [Forum] Security Breach Detected

Post by kuriku »

Fine
hope
Posts: 1160
Joined: Thu Aug 30, 2007 5:17 pm

Re: [Forum] Security Breach Detected

Post by hope »

So is this why the forums lag all the time
User avatar
denser
Posts: 1392
Joined: Wed May 30, 2007 9:13 pm
Location: Russia
Contact:

Re: [Forum] Security Breach Detected

Post by denser »

glad to see all this work guys :) hope we find these bastard and shit him off :P
nice to see old smiles instead of new one(f..ng baloons...)
Tiger, once tasted human flesh, will want to taste it again
L2J - the place where glad to see you any time!
User avatar
thecast
Posts: 117
Joined: Fri May 22, 2009 7:12 am

Re: [Forum] Security Breach Detected

Post by thecast »

Look ... the phpbb is turned on failure.
Invasions and injections are common across the Forum.

Here in their forums if I leave some options open as register_globals = On in 10 minutes the site goes down. Only restarting the apache to return.
Here I put register_globals = Off decreased 99.9% of attacks.
But all is failure of the board, and a retarded who do not have to do!
JustLikeMe
Posts: 91
Joined: Fri Feb 05, 2010 8:12 pm

Re: [Forum] Security Breach Detected

Post by JustLikeMe »

From what is this attacker benefited? Finding members' passwords ? This is nonsense.
User avatar
DrLecter
L2j Inner Circle
L2j Inner Circle
Posts: 705
Joined: Sat Jul 23, 2005 8:32 pm
Contact:

Re: [Forum] Security Breach Detected

Post by DrLecter »

S/he wanted to steal our dancing girls!
Search HERE. Read HERE. Then write.
User avatar
ThePhoenixBird
L2j Inner Circle
L2j Inner Circle
Posts: 1857
Joined: Fri May 27, 2005 5:11 pm

Re: [Forum] Security Breach Detected

Post by ThePhoenixBird »

Image
over 9000 inactive forum accounts were deleted today.
blacksea
Posts: 458
Joined: Fri Oct 05, 2007 1:29 am

Re: [Forum] Security Breach Detected

Post by blacksea »

To bad for me... i was in vacance he got my pp account and my money tt, yes.. sucks.. same email/password:-s
Post Reply