http://www.reddit.com/r/Bitcoin/comments/1nw4py/something_awful_forums_admit_responsibility_for/
Topic: About the recent attack - page 5. (Read 13991 times)
Any idea what this is about?
http://www.reddit.com/r/Bitcoin/comments/1nw4py/something_awful_forums_admit_responsibility_for/
http://www.reddit.com/r/Bitcoin/comments/1nw4py/something_awful_forums_admit_responsibility_for/
Theymos - Thank you for keeping the forum warm. If people complain, maybe they should go camping with another forum 
What do you mean.
Are you not happy to see forum back again?
theymos, upgrade smf for the love of Christ.
I agreed with r3wt. From my understanding there was a security patch for the 2.0 but not 1.1.18 in 1st October. They stop patching 1.1.18. I think it is time to upgrade. Also I suggest you use either Nessus or OpenVAS to scan the forum to see if there are any other problem with the webserver configuration.
Thanks for your vigilance Theymos. I'd also like to thank you for taking the site down quickly and leaving it offline until you could ensure security. Plenty of admins would have just gotten it back up as quickly as possible for the sake of revenue.
Good to see the forum back 
Thanks theymos and others for getting it up and running again.
It might be worth while bolding the statement below in the original post as a lot of members could easily miss it:
Thanks theymos and others for getting it up and running again.It might be worth while bolding the statement below in the original post as a lot of members could easily miss it:
The attacker may have modified posts, PMs, signatures, and registered Bitcoin addresses. It isn't practical for me to check all of these things for everyone, so you should double-check your own stuff and report any irregularities to me.
So this site has backdoor since 2011?
thanks for the update! 
Anyone care to summarize the 2011 annoyance. Was that the Bill Cosby incident?
http://buttcoin.org/bitcointalk-forums-hacked-bill-cosby-pimping-new-cosbycoins%E2%84%A2-to-all-the-members-breaking
(.......)
How the attack was done
I believe that this is how the attack was done: After the 2011 hack of the forum, the attacker inserted some backdoors. These were removed by Mark Karpelles in his post-hack code audit, but a short time later, the attacker used the password hashes he obtained from the database in order to take control of an admin account and insert the backdoors back in.
(.......)
How the attack was done
I believe that this is how the attack was done: After the 2011 hack of the forum, the attacker inserted some backdoors. These were removed by Mark Karpelles in his post-hack code audit, but a short time later, the attacker used the password hashes he obtained from the database in order to take control of an admin account and insert the backdoors back in.
(.......)
Anyone care to summarize the 2011 annoyance. Was that the Bill Cosby incident?
What do you mean.
Are you not happy to see forum back again?
theymos, upgrade smf for the love of Christ.
What do you mean.
Are you not happy to see forum back again?
Ignore button is shining upon r3wt.
very happy at least its back and now I can do again all which I was doing before this closing 
What do you mean.
Are you not happy to see forum back again?
Goodjob theymos.
Was the javascript they entered in the forums harmful? I'd like to know more about that.
No, we determined that it was merely fun and completely harmless. We lucked out big time... 
Changed my passwords in other places where I used it. It was about time anyway.
This helped a lot:
$ makepasswd --chars 16
uvULbCpFLKg9phb2
...
This helped a lot:
$ makepasswd --chars 16
uvULbCpFLKg9phb2
...
Was the javascript they entered in the forums harmful? I'd like to know more about that.
The forum is now on a new server inside of a virtual machine
Security-wise what does this get you? Or is this just a 'fyi, we moved' thing.
Jump to: