2009-08-30: Boards were hacked, and now restored, thanks, bustin98!

JonLeung · August 30, 2009, 04:10:43 PM

Last night the forums were hacked. Unfortunate that we were targeted for whatever reason.

bustin98 was very good about helping me out (doing all of the work, actually) to restore the site. However, the latest backup was August 8, so unfortunately we lost a few posts. Not a ton, since the forums were quiet, especially in the past week.

bustin is still working on the migration to better (and likely more secure) forum software, which he says is certainly possible, it just takes some time. Until then, I'll increase the frequency of my backing-up.

Sorry for the inconvenience, everyone.

JonLeung · August 30, 2009, 04:17:45 PM

Sounds horrible. Do you know what happened?

bustin98 · August 30, 2009, 06:02:51 PM

sql injection. I know. I know. I need to get crackin on moving stuff over to the other forum software.

---

Cool beans

marioman · August 30, 2009, 06:38:20 PM

Good job restoring the forums bustin. What I can't figure out is why a hacker would want to target this site. You would think that there would be a lot of more likely targets for such an attack...

magicbay · August 30, 2009, 07:17:24 PM

I have to agree with marioman.

Why would anyone want to hack the forums of a video game map site??

I had noticed the differences this morning when I wandered over and figured someone hacked the site and waited to see what happened.

TerraEsperZ · August 30, 2009, 07:30:16 PM

The hacker, ~mariothehedge, apparently does nothing but hack GameFAQs message board admin accounts; he's a troll in the purest sense of the word. Don't look for anymore reason than that.

---

Current project: Little Samson (NES)

Upcoming project: Not sure yet...

Peardian · August 30, 2009, 07:30:57 PM

That stinks. At least it wasn't the mainsite.

Now to go fix my signature and profile...

---

YTT (41%) - WL4 (72%) - PM (50%) - YI (16%)

snesmaster · August 30, 2009, 09:21:55 PM

If this board was hacked, does that mean whoever did it has access to all our passwords used to login to the message board, along with e-mail addresses (if those are kept on the forum accounts)?

bustin98 · August 30, 2009, 10:06:37 PM

Theorically, he could have gained access to user names and email accounts. Passwords are encrypted so no one can see those unless they can crack the encryption. I've heard its possible to crack MD5, which is what this forum uses, instead of adding a salt and a stronger encryption algorithm.

But I don't believe the intent was to be malicious, but rather just showing off.

---

Cool beans

Will · August 30, 2009, 10:47:42 PM

I take it that the hacker was a white-hat hacker or a grey-hat hacker (If you're not sure what those mean, Wikipedia can tell you).

I notice that posts submitted within the last few days are missing. Fortunately the hacking had in no way interfered with the private messaging system. I have confidence an incident like that isn't going to happen for a long time.

Revned · August 31, 2009, 12:36:10 AM

Will Said:

I take it that the hacker was a white-hat hacker or a grey-hat hacker (If you're not sure what those mean, Wikipedia can tell you).

I notice that posts submitted within the last few days are missing. Fortunately the hacking had in no way interfered with the private messaging system. I have confidence an incident like that isn't going to happen for a long time.

I think you misunderstand the terms. He was definitely black-hat.

Maxim · August 31, 2009, 01:35:39 AM

Black hat in that he went and did it, marginally less black in that he wasn't in it to steal information, just to be an asshole.

Here's what I had to deal with a while back:

http://www.smspower.org/misc/omgwtf.html

TerraEsperZ · August 31, 2009, 09:24:55 AM

It was still done maliciously, so I think black-hat fits best.

---

Current project: Little Samson (NES)

Upcoming project: Not sure yet...

2009-08-30: Boards were hacked, and now restored, thanks, bustin98!

JonLeung