Are hackers winning this game?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Are hackers winning this game?

    As you may know, ChessTalk has been down since Saturday. We notified the company...Lunarpages on Sunday morning that there was a problem...and it took until today for them to finally install a back-up.

    I am not sure what is happening but I feel like the hackers are ahead of the curve. On Monday of this week, they hacked into our Bank accounts. Banks don't call it hacking...they say..."your account has been compromised"...it sounds better :).

    At least we are back up and operational...for now :)

    Larry

  • #2
    Re: Are hackers winning this game?

    Originally posted by Larry Bevand View Post
    As you may know, ChessTalk has been down since Saturday. We notified the company...Lunarpages on Sunday morning that there was a problem...and it took until today for them to finally install a back-up.

    I am not sure what is happening but I feel like the hackers are ahead of the curve. On Monday of this week, they hacked into our Bank accounts. Banks don't call it hacking...they say..."your account has been compromised"...it sounds better :).

    At least we are back up and operational...for now :)

    Larry
    Seems that you should look for a better hosting company. If it took Lunarpages THAT long to install a backup then you definitely need to find a hosting company that knows what they are doing...

    Bigger question is: 'what caused the outage?' and the follow-up: 'what are you doing to prevent that from happening again?'. Restoring a backup will get the site up and running again but unless you find and fix the problem it will simply happen over and over. Perhaps the version of vBulletin you are using is outdated or unpatched or otherwise vulnerable to hackers.

    I realize you are running ChessTalk as a service to the chess community (and Thanks for that by the way!) but there may be some non-trivial costs associated with making this run correctly. Good luck with all that (and I realize running software on servers is not anywhere near your core business... it just seems like it is part of the whole operation, much like having corporate taxes done, accounting and bookkeeping etc.
    ...Mike Pence: the Lord of the fly.

    Comment


    • #3
      Re: Are hackers winning this game?

      The problem you experienced is a well known problem with Vbulletin software that is being used for these forums. Basically what happened is that Vbulletin has a security flaw where malware exists that allows one to register as an admin and then destroy the site. It appears to me that VBulletin's configuration files on your site were destroyed and Lunar probably had to reinstall Vbulletin.
      Whoever did it knew what they were doing and I would guess that you just experienced a State sponsored attack.It is not a coincidence that your bank accounts were also hacked.
      You should be looking at new registrations on the forum and deleting any new registrations that show a admin privileges. Vbulletin has not issued a patch for this flaw yet.
      You should be contacting the authorities. The Canadian government has a team devoted to cyber crimes.

      Originally posted by Larry Bevand View Post
      As you may know, ChessTalk has been down since Saturday. We notified the company...Lunarpages on Sunday morning that there was a problem...and it took until today for them to finally install a back-up.

      I am not sure what is happening but I feel like the hackers are ahead of the curve. On Monday of this week, they hacked into our Bank accounts. Banks don't call it hacking...they say..."your account has been compromised"...it sounds better :).

      At least we are back up and operational...for now :)

      Larry
      Last edited by Sid Belzberg; Wednesday, 4th June, 2014, 02:57 PM.

      Comment


      • #4
        Re: Are hackers winning this game?

        Originally posted by Sid Belzberg View Post
        The problem you experienced is a well known problem with Vbulletin software that is being used for these forums. Basically what happened is that Vbulletin has a security flaw where malware exists that allows one to register as an admin and then destroy the site. It appears to me that VBulletin's configuration files on your site were destroyed and Lunar probably had to reinstall Vbulletin.
        Whoever did it knew what they were doing and I would guess that you just experienced a State sponsored attack.It is not a coincidence that your bank accounts were also hacked.
        You should be looking at new registrations on the forum and deleting any new registrations that show a admin privileges. Vbulletin has not issued a patch for this flaw yet.
        You should be contacting the authorities. The Canadian government has a team devoted to cyber crimes.
        The last time I looked, this site still had at least one ADMIN account that was a 'bot. And Lord knows how many run-of-the-mill 'bot accounts.

        Steve

        Comment


        • #5
          Here a bot, there a bot, everywhere a bot, bot, bot, ...

          Originally posted by Steve Douglas View Post
          The last time I looked, this site still had at least one ADMIN account that was a 'bot. And Lord knows how many run-of-the-mill 'bot accounts.

          Steve
          The admin 'bot is gone (for now). You're right about the run-of-the-mill 'bots, however. And even as (English language) moderator I can't do a thing about obvious 'bots on the French side or 'bot postings on the blog feature here. The CFC has made a few improvements that might be worth copying (hint, hint).
          Dogs will bark, but the caravan of chess moves on.

          Comment

          Working...
          X