LF security breach

[stoffe]

It came to our attention a couple of days ago when some friendly neighborhood hacker paid a visit with a stolen supermod account, that Lucasforums had a security breach that resulted in at least parts of its usernames and passwords being downloaded, including the login/password of a few staff members.

 

As far as I've been able to determine this breach seems to have happened over 3 years ago, before the forum was upgraded, though at least some of the account information stolen at the time is still valid.

 

From what I've been able to determine after a couple of days of frantic searching and code reading the SQL injection security vulnerability exploited to do this is no longer present in the version of vBulletin we currently use. I've also taken a few extra security precautions just in case.

 

The Blog feature has been disabled until I've had the time to check it thoroughly for vulnerabilities as well. No time table on how long that will take, but from what I've seen it wasn't used that much anyway, so it's pretty low priority at this point.

 

So, if you haven't changed your password in a while, now would probably be a good time to do it, just to be safe.

 

Apologies for the downtime over the past few days, but I felt it was better to play it safe and take the forum offline until this could be more thoroughly investigated and remedied.

[Bob Lion54]

Damnit! What is it lately with these hackers?!

 

Good to know you are on it, stoffe! Thanks for the great work you do to keep these forums going!

 

I am a bit sad to see that I won't be able to not blog for a while, though, but I wasn't in a great hurry to not blog anyway. Still, hopefully it doesn't turn into too big a hassle for you.

[Liverandbacon]

Damnit! What is it lately with these hackers?!

 

It happened over 3 years ago.

 

Oh well, I'm glad it got resolved, and luckily my account here has never contained information that would cause any big problems for me if used or spread across the internet.

[Bob Lion54]

It happened over 3 years ago.

 

Oh, well it's alright then.

[mimartin]

stoffe has about every badge imaginable on the forum, but she deserves a forum savior badge. She goes above and beyond to keep the place running and everyone that enjoys hanging around this place owes her a debt of gratitude. She regularly gives up her weekends and sleep keeping that place afloat. stoffe does most of her work out of sight, but she in my opinion is the most important staff member only important staff member… well besides lynk.

 

So please help her out by changing your password to something more complicated than…cat.

[Q]

3 years ago? Wow. Was it found by mistake?

 

Thanks, stoffe.

[Darth Avlectus]

You know, I suspected something like this was going on but I had no way to prove it. I don't believe I ever used anything on here that would cause much a security concern. But um, yeah.

 

Thanks Stoffe. I hardly ever agree with mim anymore on a lot of things but yeah. I think there ought to be a Forum Savior badge specially made and given to her.

[mimartin]

I hardly ever agree with mim anymore on a lot of things but yeah.

Just proves; Even a blind squirrel finds a nut once in a while.

[purifier]

Just proves; Even a blind squirrel finds a nut once in a while.

 

Well now that depends...which nut are we talking about here?

 

 

*Ahem!*

 

Anyway, I agree with Mimartin and GTA, she deserves a Forum Savior Badge. Good job Stoffe and everyone else that was involved, helping her.

[Ulmont]

Great job finding this! (Even it it was a bit late)

 

Four's company, you deserve a badge.

 

[acdcfanbill]

We believe the user database dump is 3+ years old. The 'hack' was recent in that an smod account was used by a 3rd party for some suspicious purposes.

[Darth Avlectus]

Just proves; Even a blind squirrel finds a nut once in a while.

 

Hmm, hunting aspirations for a blind rodent that is essentially a scavenger... I have a pretty good guess at the source of that bad taste in your mouth.

[Lynk Former]

You know, I suspected something like this was going on but I had no way to prove it.

That's stupid.

[Darth Avlectus]

That's stupid.

 

Why is that stupid? I was referring to how the blog section recently kept getting the same sort of crap about "watches carpets houses cars jewelry". I suspected it all from the same spammer source based on its appearance and substance--which apparently doesn't mean much evidence wise. Not until people are getting hurt anyway.

[Lynk Former]

Spambots and hackers are two entirely different things.