FIREFLYFANS.NET CENTRAL

Blue Sun Room Hacked.

POSTED BY: HAKEN
UPDATED: Friday, November 9, 2007 12:37
SHORT URL:
VIEWED: 26151
PAGE 1 of 2

Friday, November 2, 2007 12:02 PM

HAKEN

Likes to mess with stuffs.


Looks like the Blue Sun Room got hacked. Mostly likely by Chinese hackers since the javascript that the page now tries to load was the same one from a while back.

I'll have to restore from backups. Not exactly sure when it happened. Will let you guys know when I know more.


NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 12:06 PM

WYTCHCROFT


thanks captain!:)

NOTIFY: N   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 1:32 PM

PHYRELIGHT


Well, that just sucks. Reloading the fics has to be tedious work. I hope it goes smooth for you.



I aim to misbehave, but I usually miss!

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 2:17 PM

HAKEN

Likes to mess with stuffs.


Quote:

Originally posted by PhyreLight:
Well, that just sucks. Reloading the fics has to be tedious work. I hope it goes smooth for you.



I aim to misbehave, but I usually miss!



Unfortunately, it looks like it's not going to be smooth. Just got through talking to the sysadmin and it looks there might be a problem with the backups. Will let you guys know when I know more.

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 2:26 PM

CYBERSNARK


Quote:

Originally posted by Haken:
Mostly likely by Chinese hackers

Which somehow seems strangely apropos.

-----
We applied the cortical electrodes but were unable to get a neural reaction from either patient.

NOTIFY: N   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 2:27 PM

MISSWHATSIS


Is there anything we can do to assist? Is it helpful for us to repost, if possible?

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 2:35 PM

HAKEN

Likes to mess with stuffs.


Quote:

Originally posted by misswhatsis:
Is there anything we can do to assist? Is it helpful for us to repost, if possible?



Most likely people will have to repost for those days that I can't restore. The sysadmin tells me that there was a problem with the SQL dumps that he wasn't aware of and that the last good one is from October 12th, which means that we'll be missing about a couple of weeks of BSR postings.

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 2:40 PM

WYTCHCROFT


we need an appreciatin' Haken thread - right now!:)

NOTIFY: N   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 4:54 PM

JOSSISAGOD


Quote:

Originally posted by wytchcroft:
we need an appreciatin' Haken thread - right now!:)



Your wish, My command:
http://fireflyfans.net/thread.asp?b=5&t=31321

Appreciate Haken people!

Fe'nos Tol
JOSSIS(Most Definitely)AGOD

Self appointed Forsaken! Been on the list for a while now!
98% of teens have smoked pot, if you are one of the 2% that haven't, copy this into your signature.
"Look at me, I'm STUPID!" The Doctor.

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 6:52 PM

SWEETESTHAT


Ladies and gentlemen, it's worse than a mere hack.

I run Kaspersky Anti-Virus, and when I surfed into the Blue Sun room just now, it notified me of malware and trojan files in the code.

Let me see if I can cut-and-paste the relevant info from the report:

Detected
--------
Status Object
------ ------
detected: malware Exploit.HTML.IESlice.z URL: http://www.yl18.net/Yahoo.htm//Yahoo
detected: Trojan program Trojan-Downloader.JS.Psyme.kf URL: http://www.yl18.net/vip.htm//vip

...................

11/3/2007 12:35:52 AM URL: http://www.yl18.net/Yahoo.htm//Yahoo detected malware 'Exploit.HTML.IESlice.z'
11/3/2007 12:35:52 AM URL: http://www.yl18.net/Yahoo.htm//Yahoo access denied

11/3/2007 12:35:54 AM URL: http://www.yl18.net/vip.htm//vip detected Trojan program 'Trojan-Downloader.JS.Psyme.kf'
11/3/2007 12:35:54 AM URL: http://www.yl18.net/vip.htm//vip access denied


While I suppose it could be a false positive, I kinda think not, especially so soon after the page got hacked.

Haken, maybe you might want to check into this? If you need any more info, e-mail me and I will send you the log file.





one of the FORSAKEN: We aim to burn!

NOTIFY: Y   |  REPLY  |  REPLY WITH QUOTE  |  TOP  |  HOME  

Friday, November 2, 2007 8:58 PM

HAKEN

Likes to mess with stuffs.


Yeah, it's not simple hack, but it also doesn't work as intended because the