hacked: www.madphilosophers.com / need help

DirtRider · October 10, 2008, 02:20:21 AM

Quote from: willem-sp on October 10, 2008, 12:39:54 AM

Guess we won't be needing that extra forum now, DirtRider, but thank you so much for helping us here. I do hope you'll drop by !

Yes it was fixable once we got the CP details

, and I will be dropping by as you seem to have a good community going your side

henry quirk · October 10, 2008, 03:49:31 PM

gentlemen, ladies, who- or what-ever:

this will probably be my last post here (i'm no tech-head...hammers and nails are my speed), but, before i trundle off: i just wanted you fine, simple machines, folk to know how much 'we who war in madphilosophers' appreciate the work and the effort you all put into getting our place up and running

you were all helpful, efficient, and more than effective

thank you much! --henry quirk

CarlT100 · October 12, 2008, 11:22:02 AM

Like Henry, I am not much of a geek; but I am impressed with the help and support offered by the folks on this forum. I learned a lot from reading the thread. It makes me appreciate that Dirtrider is the administrator of our Triumph Talk Talk forum. He keeps the forum software up to date - especially the security measures.

Ben_S · October 25, 2008, 06:36:35 PM

Did you analyse the access logs which are hopefully available in cPanel to find out how he got in?

Deprecated · October 25, 2008, 09:37:51 PM

Quote from: Ben_S on October 25, 2008, 06:36:35 PM
Did you analyse the access logs which are hopefully available in cPanel to find out how he got in?

The database was stolen in an event documented here at SMF last month. The Mad Philosophers website was compromised by a hacker who seized control and attempted to extort donations from members. The SMF Attack Force regained control of their site for them, and ousted the hacker.

Evidently at that time the hacker downloaded the forum database using SMF's backup function. (He never had cPanel access.) This is undoubtedly the source of the hacked database. It will turn out to be SMF 1.x, before the database was upgraded to 2.0 and the site converted. Today they are running the very secure SMF 2.0 Beta 4.

So the hacker stole this file while he was in control of the site. All the admin passwords have been changed since then.

henry quirk · October 28, 2008, 11:19:41 AM

well, folks, it seems mpg has a new problem

here's a copy of part of my post to mpg yesterday that explains the problem...

-----

in my [email protected] box i began receiving messages like this one...

from hxxp:epsychology.us [nonactive] <[email protected]>
to [email protected]

date Mon, Oct 27, 2008 at 2:59 PM
subject Topic removed: The ultimate issue : freedom vs. forced equality

hide details 2:59 PM (37 minutes ago) Reply

A topic you are watching has been removed by Joseph.

Regards,
The hxxp:epsychology.us [nonactive] Team.

...the above is reflective of a whole ******load of these with topics reflecting the threads here in mpg that have popped in my personal box

i did a goggle search and came up with this...

hxxp:www.epsychology.us/forum/ [nonactive]

...and i'm perplexed

is mpg supposed to be echoed or mirrored in an entirely different site?

interestingly: when i signed in as a member of this other site, i was recognized as a member

it's interesting since i never applied for membership with hxxp:epsychology.us [nonactive]

i deleted (or requested deletion) from the hxxp:epsychology.us [nonactive] site: an act that doesn't seem to have an effect on my mpg membership... --henry

-----

...this other site -- hxxp:epsychology.us [nonactive] -- is a simple machines construct, just as mpg

so: any suggestions on how we at mpg terminate this mirroring, or, if we even should terminate this mirroring?

as i said: a great many threads and posts copied from mpg have been deleted, but a great many still exist

also: many of the members listed in hxxp:epsychology.us [nonactive] are mpg members who, i'm certain, did not subscribe to hxxp:epsychology.us [nonactive]

and: i resubbed with hxxp:epsychology.us [nonactive] this morning and asked pointedly why so many threads, posts, and members from mpg are echoed in hxxp:epsychology.us [nonactive]

again: any suggestions? --henry quirk

青山素子 · October 28, 2008, 11:32:08 AM

There was another topic about this. It seems that during the hacking, the database was stolen and was sold to at least two parties. I'd recommend informing the admins at madphilosophers about this clone board so they can take action.

SlammedDime · October 28, 2008, 11:34:07 AM

As MC said... looks like this is one of the persons what stole or purchased the stolen database...

henry quirk · October 28, 2008, 12:30:04 PM

I'd recommend informing the admins at madphilosophers about this clone board so they can take action.

done and done!

looks like this is one of the persons what stole or purchased the stolen database

yep: look see... hxxp:www.epsychology.us/forum/index.php/topic,4232.msg56495/topicseen.html#msg56495 [nonactive] --henry

J. S. · October 28, 2008, 01:38:20 PM

I am the owner of epsychology.us. I purchased the database from http://forums.digitalpoint.com/. I was asking the guy if he is the owner of madphilosophers.com and he told me he is not, but he has resale rights. I sent another PM asking if he is sure that the DB is not stolen. He told me that he is sure.

Considering what I read here I cannot be sure that I am using the database in a legitimate manner. Here are the details of the guy I have purchased it from:

QuoteTransaction ID:       3HE34069TF286984V
Seller Name & Email:       Tyler Lower, hurley[hiden_part_here]@yahoo.com
Transaction Amount:       -$20.00 USD
Transaction Date:       Oct. 25, 2008

I have opened a paypal dispute to get my money back (even if it is only $20).

QuoteDear Szenasi Iosif,

Your Significantly Not as Described dispute for the payment you sent to
Tyler Lower on Oct 25, 2008 (Transaction 3HE34069TF286984V) is now open.

I will remove all the content I have from madphilosophers.
Until then, my forum is closed.

Deprecated · October 28, 2008, 01:43:38 PM

J. S. thank you for your very quickly recognizing the ethical problems and taking decisive action. I applaud your honesty and cooperation for doing so.

I have sent you the email contact address for the true and correct owner of MadPhilosophers.com if you desire to discuss the situation with the owner.

J. S. · October 28, 2008, 01:48:05 PM

I have already found out the e-mail and contacted the owner. Anyways, I have removed the duplicated content and apologies for the created issue.

He got banned from DP.

Deprecated · October 28, 2008, 02:14:40 PM

Too bad he couldn't focus as much effort into earning an honest income instead of his lying, cheating and stealing.

Any honest and reasonably intelligent person should be able to earn $100 just as easily as a dishonest person can steal $100.

henry quirk · October 28, 2008, 03:22:51 PM

js,

sorry i had to be the bearer of such bad news for you

i hope you get the bastard, and your cash

and: your forum is a good idea...don't kill it off: just build it up... --henry

J. S. · October 28, 2008, 03:39:34 PM

That is what I am doing. I am starting a brand new forum.

About that guy... he doesn`t want to give the money back, that was his answer, he sugested to use the database for something else if I cannot use it as a forum. What can be that "something else"? Only spam, I suppose.
I dunno if paypal will give my money back. Anyways, that`s it... i won`t get poorer with this..

Deprecated · October 28, 2008, 05:07:38 PM

File a dispute with PayPal. I'm sure the forum owner who owns that database would put in a word for you.

palofdru · October 28, 2008, 11:32:39 PM

Quote from: J. S. on October 28, 2008, 01:48:05 PM
I have already found out the e-mail and contacted the owner. Anyways, I have removed the duplicated content and apologies for the created issue.

He got banned from DP.

wow. Anybody look at the recent posts of this banned member???

It proves what I've been saying for years: Hacking website (and selling the stolen proceeds) is BIG business and not just the 'defacement' stuff of script kiddies now.
A forum, more than any other site, is a veritable gold mine of exploitable data.

Night09 · October 29, 2008, 01:25:02 PM

This might be interesting to watch.It shows how useless some of these hackers actually are and how they try their best to hack you.Its BBC content so is decent quality stream. http://news.bbc.co.uk/1/hi/technology/7438812.stm

DirtRider · November 10, 2008, 11:05:59 PM

While would you want to purchase someone else's database if you were starting up a forum. I would imagine this would only cause confusion all round. I could understand the spammer wanting it for all the contacts

Deprecated · November 10, 2008, 11:35:45 PM

This topic is getting old...

You might want to purchase an old database if you wanted to start a forum and make it appear that you were a long time established forum with many members. You could even make a few fake members to keep it going until real members started joining...

Some people resort to desperate measures to get what they want.

News:

hacked: www.madphilosophers.com / need help