Hobbes Council Member
Joined: 28 Jan 2005 Posts: 11208 Location: Vancouver, BC
|
Posted: Sun Apr 06, 2008 1:27 am Post subject: "What's Going On?" |
|
|
So, you all may have noticed LVI going down over the last couple weeks, with big weird lines of code at the top, and being unable to use the forums at all. This seems to go away for a few days, then return the next.
Well, this is because LVI is getting hacked.
We've had this problem before, with the exact same method of attack coming in. Basically, the hacker gets into our files somehow, and adds a line of code to the bottom of all the major pages (mostly index.php, if you know what that is). In this line of code is a link to his webpage that usually is either an advertising place, or some sort of virus/adware. This line of code screws up our forums systems and makes things unusable.
This hacker likely does this hack en-masse. As in, he made a robot that scans the internet looking for sites with the same weakness, and then hacks each of them - putting that line of code into millions of pages in total. By the end, he probably gets a ton of money from it, just from redirecting traffic or putting some virus or adware onto everyone's computers that somehow gives him info he can use to get more money.
In this case, I think this is what happened. The hacker probably got into LVI through our forum system - since it's a standard one, it's slightly out-dated, and it probably has some security holes that hackers are just figuring out and exploiting. With each new version of the forums, usually those holes are plugged, and so the hackers have to start at square one again, but once a forum's been around for a while they start to catch up. And now the hackers are circling around LVI - and all the other outdated forums out there - hoping to exploit the security holes.
Anyway, this hacker got in, and put a line of code in the bottom that links to a virus(or adware).
DON'T WORRY, it's probably not a malicious one - I opened the thing directly, and nothing's gone wrong. It's probably an internet-history-recording adware thing or something, because the hacker can then record that info and sell it to advertising agencies. And I think this hacker just wants some cash.
Anyway, the worst part about this isn't that he got in - because I can fix these attacks within 10 minutes - but that he *keeps* coming back. He probably put LVI on a big list of "suckers who can't stop my hack", and keeps looping through it, hacking us over and over
So where does that leave us?
Well, I mentioned this has all happened before (and will happen again bsg fans represent). So far, whenever this happens, I just update the forum software to the next version (like 2.01 to 2.02), and it covers up the hole for a few months until the hackers catch up. Unfortunately though, that's not as easy an option anymore since lately these forums went to the new, super-dee-dooper 3.0.0 version. It's gorgeous. It's awesome. But unfortunately, it doesn't support a lot of the modifications LVI is using right now. Our spoiler tags, a number of other misc ones, and most importantly: our main site's power mod - that takes all the functions of the forums and puts it into the main site (like comment forms on vid pages, voting, login, favorites system, etc) aren't supported yet. . Which means, if we want to upgrade - either we'll have to wait until they are, or I'm going to have to write those things myself ...
(Which I can do, just in case you're doubting my skillzzzz )
But it would take a ton of time. Like, days or weeks. And I just don't have that time right now - with finals these next two weeks. Soo, here's my plan:
Wait it out. If the hacker comes back, fix the damage and put up some light barriers to stop things.
Then, once I've got a bit more time, I'll get in here and upgrade the site . If we're lucky, the forum guys will have already made a new mod we can use. If not, then I'll just have to make one myself, and rewrite LVI's code all over again . We'll call it... LVI 5.1
Anyway, I thought I'd post this and keep everyone informed, so you know what's going down over the next few weeks . Hopefully that hacker doesn't return, but you never know. Also, if you were on LVI when the site was all wonky, you may want to do a virus scan, just in case. I'm pretty sure it's not very malicious, but you can't be too careful.
Thanks for listening , Wish LVI luck!
-Your friendly neighborhood webmaster |
|