General And we start again...

Oh shit- so that’s what happened-MFers :mad:
Just feel gutted for all u guys that run the site.
If you’ve got an account I’m happy to chuck $100 in if it helps?
Or how do u become a contributor?
 
I was gutted to see the attack on the site yesterday and pleased to have the community back up and running. Thanks Tajhay and other admins for their efforts with the site, I don’t know much about it tbf but I’m sure there’s a hell of lot of work and effort behind the scenes to make it happen.

I spend more time on this site than any other (and find the off-season boring af) and value the community here. So thanks alot for getting it up and going again
I spend more time on this site than any other as well. Have some short cuts configured on my new tabs in Chrome it seems to be a reflex to click on here.

I joined here when the sites I would frequent like SMH & Daily Telegraph put on pay walls. It probably has freed up a lot of time instead of reading all of the news site and the repeated articles.
 
The account they used to get in has been disabled. It was a generic developer account that i could share with developers who the site contracts out to work on features where they need server access so the password was actually simple. It was made so i could monitor if they did something dodgy. However because it was needed to be shared it had a super easy password as well rather than going back and forth esp with different timezones. Anyway it wasnt any of the developers who have worked on the site. It was bruteforced.

I will work with a security expert i use for the site in UK to tighten the measures around that further. Oh and more importantly, start a process of retaining database backups.

Gotta implement multifactor authentication for adminy stuff.
 
The first thing we do is program a message in droid, then send it to Tatooine.
So, after all this, we're going to find that Darth Vader is Bruce's father and Leia Organa is Bruce's sister!? Not, like we'd all been dudded to believe, Luke Skywalker's?

I guess that's our fault for not reading the Canon Star Wars stuff....
 
Highly unlikely.

They will more than likely just move on and target someone else to see if they can get a ransom.

The thing with ransomware your at the mercy of the attacker as it's not like purchasing off a verified individual. They may unencrypt the data or they may just take your money and move on.
Yep, like the "Me So Horny! Me Love You LONG TIME!" scam - they'll move on pretty quickly to someone else.

I guess the worst case scenario is being hacked by friends of the very people who (cough)set up your security so no-one could hack it(cough) but because it's friends - or maybe friends of friends - the original Bad Hat has plausable deniability.
 
Just an update. The person responsible has emailed me threatening that he created more entry points and if not paid will do more harm. Willing to roll the dice on this one as feel it's all secured now.

Since he also has everyone's email address they entered when registered, if he does contact you, please dont respond and just fwd to me at tajhay@gmail.com

As previously mentioned he cannot do anything with the data stolen except use your email address. Please under no circumstance email him back with your real name or give into any threatening demands.

Hey, tajhay tajhay can you put this as a heads-up in the site note that you currently have? A good chance they will try social engineering and phishing people knowing some of the other user details coupled with their e-mail address.
 
Hey, tajhay tajhay can you put this as a heads-up in the site note that you currently have? A good chance they will try social engineering and phishing people knowing some of the other user details coupled with their e-mail address.
Thanks for the suggestion. Done.
 
I havent had an email, but I got a security alert from microsoft, with a single use code to log in from someone trying at 5am this morn.

Luckily the email I use here is a trash one for things like this and not my socials etc, but still everything has 2fa on anything that allows it. Make sure you have 2FA on everything with your email you've used on here.
 
Gee Hackers are not my favorite people at the moment. My bank account got hacked yesterday, I picked up on it this morning.

Actually they first bled me a a dollar last week which I did not see, testing my account out and all that.

Then they stung me for $19 dollars, not a big sum but obviously hoping to get that one past me too.

Been on the phone to the ASB had my cards cancelled which is a real hassle and has stuffed my plans to travel to watch the game with friends and family, medically I cannot drive these days, there goes my Uber plan.

Anyway l would like to be locked in a phone booth with one of these hackers about now.
 
Back
Top