Jump to content
netsmithUK

Tamiyaclub.com was hacked in Feb 2012

Recommended Posts

How about now? (TCPhotos is a seperate issue)

TC homepage fixed and password changed.

Forum password changed.

No TC Photos page available :(. (Any idea when back online ?)

Great job fixing things !

Share this post


Link to post
Share on other sites

I am just glad the site is back! :D I was lost without this place. :(

So the hackers have my e-mail address? :( so just watch out for spam e-mails? ;) I use different passwords for every site I use and most are stored in my head so no problems there.

Well done for getting the site running again so quickly. :)

Share this post


Link to post
Share on other sites
No TC Photos page available :(. (Any idea when back online ?)

Afraid tcphotos will be another couple of days. Although it wasn't compromised as part of this hack, the potential is there so I need to do everything I've done for TC for TCPhotos too. (I didn't actually think anyone used it any more - although I'm glad some people still find it useful.

Cheers

Chris

Share this post


Link to post
Share on other sites
Chris,

I found the file you mentioned this evening and, just to clarify to everyone, it contains *every* email address and password of 38000+ registered members, not just the 400 you reference in the original post.

A bit of good news I hope - it's clear from the file how the attack was done and it was not particularly sophisticated. SQL injection is script-kiddie stuff and if you've got a site that's been around as long as this one has, with a large number of SQL databases, PHP etc., there is always going to be a weakness. Although the note at the bottom claims it was 'Anonymous', I highly doubt this. I run my own sites as well and I know how difficult it is to make everything 100% secure, although password encryption might have been a good idea! Still, it looks like many members kept the site-generated password and probably stored it in in their browser, rather than using their own, so hopefully a lot of the data is useless.

I have, though, got 12 emails today from someone called 'Fun Girl' who would like me to download an attachment because she's desperate to meet me. Decisions, decisions.... :(

I've noticed "Fun girl" spam also, except on a mac, the attachment automatically appears as a girl, posing.... well, yeah... something like that...

I may have to adjust my spam filters...

NICE TO BE BACK! THANKS CHRIS!

Cheers,

Skottoman

Share this post


Link to post
Share on other sites

What a relief when it came back up!!

Just login and found "An error occurred on the server when processing the URL. Please contact the system administrator." did the site just went down again?

Share this post


Link to post
Share on other sites
Afraid tcphotos will be another couple of days. Although it wasn't compromised as part of this hack, the potential is there so I need to do everything I've done for TC for TCPhotos too. (I didn't actually think anyone used it any more - although I'm glad some people still find it useful.

Cheers

Chris

TC Photos is a BIG part of my online builds & inventory !

Thanks for the update !

Share this post


Link to post
Share on other sites
Should be working - email me the details of what email address you are using. Are you getting the email through? What message do you get on screen?

Chris

Chris, all sorted now, may have been the fact that I was trying to do it on my Iphone, done it on my laptop and it's worked.

Cheers, Tony

Share this post


Link to post
Share on other sites

Well done, minimised the damage there...

You have a good disaster recovery strategy in place, good to see. Thanks for your Herculean efforts getting the site up and running, and importantly for taking the time to contact TC members. Very much appreciated.

Thanks again.

Share this post


Link to post
Share on other sites

A few people are getting an error when they hit the home page. I'm pretty sure this is because I changed the way cookies worked after I made the site live again and after some of you had already reset your passwords. I may have fixed this issue now, but if you are still having problems please clear your browser cache for cookies from this site.

Cheers

Chris

Share this post


Link to post
Share on other sites

:( WooHoo i can live again , TC is back . Amazing the amount of time i'm on here . Gee it was two hard days , getting withdraws LOL .

Thank you Chris for your time & effort & of course anyone else that may have help you .

Share this post


Link to post
Share on other sites

Hi

Managed to update my login/password on the forum, but I am unable to get the password reminder on the mainsite.

After I have entered my e-mail address it comes up with

Your password has not instantly been sent because:

- You have never been a subscriber. It will be sent very shortly though

I have been a subscriber since Oct 11 - I am just being impatient?

Plus a big THANK-YOU for getting the site back up so quickly.

Rich

Share this post


Link to post
Share on other sites
Hi

Managed to update my login/password on the forum, but I am unable to get the password reminder on the mainsite.

After I have entered my e-mail address it comes up with

Your password has not instantly been sent because:

- You have never been a subscriber. It will be sent very shortly though

I have been a subscriber since Oct 11 - I am just being impatient?

Plus a big THANK-YOU for getting the site back up so quickly.

Rich

Thats a new message I just put in - it may not be 'wholly' acurate. :rolleyes:

Please can you send me a PM with the email address you are doing the reminder on.

Thanks

Chris

Share this post


Link to post
Share on other sites

I use 2 different email addresses and passwords for tamiyaclub. One for the mainpage, and one for the forum.

Which one should I be worried about?

Share this post


Link to post
Share on other sites
I use 2 different email addresses and passwords for tamiyaclub. One for the mainpage, and one for the forum.

Which one should I be worried about?

The one used on the main site. Although its probably not a bad idea to change both.

Share this post


Link to post
Share on other sites

Bummer.

I forgot the password i used for the main site, and changed it.

Now I dont know what password is in the hacker file, and dont know if I used it elsewhere.

Can someone with access to the file, send me a PM with my password. Email is webmaster (@) p1800 (.) dk

Share this post


Link to post
Share on other sites
:rolleyes: I would like too see this file as well . Thanks . /\ Please .

Share this post


Link to post
Share on other sites

Please watch the hacker chat guys - I don't want this to be seen in anyway a challenge for them. The web is full of stories of websites where they boasting they had beat the hackers only to be taken offline completely later on. As others have pointed out you can't really completely win against team of people doing their best to break stuff - particularly when you are one man band.

As bad as it was, we were fortunate this time in that no 'physical' damage was done and it wasn't an attack on the server itself - such as a denial of service attack where they just try and swamp your server with traffic until it gives up. I'd rather not give them any reason to try and take it to the next level.

Cheers

Chris

Share this post


Link to post
Share on other sites

For people not getting password reminders through, can I ask if you have any server side spam filtering enabled. I've just looked at the server and I'm getting a few of this type of issue

--------------------------

Description:

Message delivery to the host '[ip address of destination email host]' failed while delivering to the remote domain '[domain name email is on]' for the following reason: The connection was dropped by the remote host.

--------------------------

I've had people say after trying the same process several times it can work, which is strange as I can TC system sending out the same thing each time, so why one gets through I dont know.

Chris

Share this post


Link to post
Share on other sites

Terrible, just cant really understand what the hackers have to gain other than kudos from their peers. It just goes to show how exposed we all are on the net and that we should be more carefull with our own passwords.

I use the same password for a few things and had a bit of a blaise attitude but seeing what I could have lost in my Paypal this week has really made me think.

And I must thank Andy (Twinset) who went out of his way to help me out this week when it all went pear shaped - I owe you a beer!

Big shout out to the old school spring drive massive - it will never be the same like the halcyon days of rave in the 90's!

post-1097-1330551909_thumb.jpg

Share this post


Link to post
Share on other sites

Hi Chris,

I also echo everyones 'Thanks' in sorting out the problem that occurred. These things happen, not a nice experience however, at least we still have a useable site following the problem.

Just to add, i have managed to log into the forums however, can't get onto the home page at all? Is there a way around this?

Many thanks,

Andy

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...