VO-BB - 20 YEARS OLD! Forum Index VO-BB - 20 YEARS OLD!
Established November 10, 2004
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Ouch Voices.com Hacked!
Goto page Previous  1, 2, 3, 4  Next
 
Post new topic   Reply to topic    VO-BB - 20 YEARS OLD! Forum Index -> Chat
View previous topic :: View next topic  
Author Message
Tom Greenlee
DC


Joined: 24 Mar 2006
Posts: 686
Location: Divide, Colorado (above the clouds)

PostPosted: Sat Apr 14, 2007 8:09 pm    Post subject: Reply with quote

script kiddies?
_________________
TG2

"Communication without intelligence is noise; Intelligence without communication is irrelevant."

Gen. Alfred. M. Gray, USMC
Former Commandant of the Marine Corps
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Deirdre
Czarina Emeritus


Joined: 10 Nov 2004
Posts: 13024
Location: Camp Cooper

PostPosted: Sat Apr 14, 2007 8:15 pm    Post subject: Reply with quote

The Turks hacked us a few months after we were up and running.
Dunno if they can get into the phpBB architecture now.

Before Voices.com had the Apache page up, there was a bunch of anti-western/anti-war stuff written in Turkish.
_________________
DBCooperVO.com
IMDB
Back to top
View user's profile Send private message Send e-mail Visit poster's website
TDAVID
Contributor


Joined: 07 Apr 2007
Posts: 31
Location: Denver, CO

PostPosted: Sat Apr 14, 2007 8:15 pm    Post subject: Reply with quote

still can't login to Voices.com
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address
Hart
Assistant Asylum Chief


Joined: 03 Jan 2006
Posts: 2107
Location: Foley, AL

PostPosted: Sat Apr 14, 2007 8:17 pm    Post subject: Reply with quote

Voices seems only partially up. I can get to the blog but not the login page. I don't think I'd want to supply my username and password right now anyway though.

That sucks.

I'm also getting "server error" messages on some of the links.
_________________
Hart Voice Overs Blog
Brian Hart Productions


Last edited by Hart on Sat Apr 14, 2007 8:18 pm; edited 1 time in total
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Deirdre
Czarina Emeritus


Joined: 10 Nov 2004
Posts: 13024
Location: Camp Cooper

PostPosted: Sat Apr 14, 2007 8:17 pm    Post subject: Reply with quote

Can you see their home page?

The php login page is currently blank.

Give them some time to re-load their database and for the info to make it across the network.
_________________
DBCooperVO.com
IMDB


Last edited by Deirdre on Sat Apr 14, 2007 8:18 pm; edited 1 time in total
Back to top
View user's profile Send private message Send e-mail Visit poster's website
alextorrenegra
Guest





PostPosted: Sat Apr 14, 2007 8:17 pm    Post subject: Reply with quote

Hey! Thank you all! Thank you Deirdre.

I got your email on my cell and called out IT team right away to keep a closer eye in our servers. So far nothing strange has happened in Voice123. We may be able to find if somebody was trying to hack us after analyzing the logs.

Once again, thank you all for your help!
Back to top
Deirdre
Czarina Emeritus


Joined: 10 Nov 2004
Posts: 13024
Location: Camp Cooper

PostPosted: Sat Apr 14, 2007 8:23 pm    Post subject: Reply with quote

I'm glad V123 is safe and sound!

I am very thankful to Rich Gates for flagging this problem in the first place.
_________________
DBCooperVO.com
IMDB
Back to top
View user's profile Send private message Send e-mail Visit poster's website
TDAVID
Contributor


Joined: 07 Apr 2007
Posts: 31
Location: Denver, CO

PostPosted: Sat Apr 14, 2007 8:34 pm    Post subject: voices Reply with quote

I still can't get into Voices.com. Looks like they're still dealing with it.
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address
TDAVID
Contributor


Joined: 07 Apr 2007
Posts: 31
Location: Denver, CO

PostPosted: Sat Apr 14, 2007 8:37 pm    Post subject: Vioce 123 Reply with quote

Hi Alex. How'd you like Hoover Dam? I got a 'hacked' message on V123 earlier in the evening on the 'login' button. but it appears to be fixed now.
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address
Gp
Guest





PostPosted: Sat Apr 14, 2007 10:37 pm    Post subject: Reply with quote

Voices seems to be fine now. In fact, the link now lists a talent page with Amy Snively in the top spot. Nice work Amy, CONGRATS. (scroll down a little to movers and shakers. On the "Top Rated" column sitting at the number one spot is the VO-bb's Amy Snively. Ok well not literally....but you get the idea.)
Back to top
Bailey
4 Large


Joined: 04 Jun 2005
Posts: 4336
Location: Lake San Marcos... north of Connie, northwest of the Best.

PostPosted: Sat Apr 14, 2007 11:18 pm    Post subject: Reply with quote

Tom Greenlee wrote:
I don't get it.....out of all the businesses that matter...they pick voices.com and v123 to hack? odd choices for hackers I think.

Odd choices... I think not. At a time when so much verbage is flying across the Internet about VOICES 2007.
louzucaro wrote:
Let's put it this way...it was likely random and automated.

Clearly automated... but "two" specifically chosen sites. When you want to make an impact... choose BIG targets.
Reminds me of 9/11.
... but then, I'm probably letting my thoughts run wild.
_________________
"Bailey"
a.k.a. Jim Sutton
Retired... Every day is Saturday, except Sunday.
VO-BB Member #00044 W00T.gif" alt="W00T" border="0" />
AOVA Graduate 02/2004 ;
"Be a Voice, not an Echo."Ninja
Back to top
View user's profile Send private message
allensco
Flight Attendant


Joined: 30 Jul 2005
Posts: 823
Location: Alabama, USA

PostPosted: Sun Apr 15, 2007 6:56 am    Post subject: Reply with quote

Voices.com front page is available...but no login.

My server was hacked a couple of years ago by "The Chinese", as they called themselves. Not much damage...just inconvenience. I reloaded the website from my files and all was well. Since then, my php board was hit. My fault as I had not updated the php software to the latest version and a vunerability was used. They made a mess of it this time. I had to completely redo everything and my database backup was a few weeks old. That taught me a lesson and now I keep it updated to the latest version and do weekly backups of the database.

The server is located here in my house and "The Chinese" got it before I relocated it here to my home and whoever got the php board did after it was moved. My firewall seems to be holding up well and only port 80 is visible to the outside. The mail and FTP services are turned off as they are not needed. The only way to make changes to anything on it is to be on my internal network. No outside access is allowed...except for port 80.
Back to top
View user's profile Send private message Send e-mail
louzucaro
The Gates of Troy


Joined: 13 Jul 2006
Posts: 1915
Location: Chicago area

PostPosted: Sun Apr 15, 2007 7:02 am    Post subject: Reply with quote

Bailey wrote:
Clearly automated... but "two" specifically chosen sites.


Well we don't really know that...after all, we don't know what other sites were hit.

As an example...

- John Q. Public hasn't updated his computer in a while
- Visits a site with a malicious bit of code
- Site plants a bot on John's computer
- Bot runs and goes through John's e-mail address book and sends out a bogus e-mail with links to the malicious site to try to get other unprotected users
- Bot goes through John's favorites and tries the hack on every page of every website in his favorites folder

In reality the effects could have been seen on hundreds of websites or at least the subset of them not protected from that type of attack, but the focus here was on those two because they're relevant and people here check them often.

Allen, it's likely a script hack...it works through port 80 if the script in question isn't properly written to protect against it.
_________________
Lou Zucaro
http://www.voicehero.com

"Well, yeah, there's my favorite leaf!"


Last edited by louzucaro on Sun Apr 15, 2007 8:34 am; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website
Yoda117
M&M


Joined: 20 Dec 2006
Posts: 2362
Location: Philadelphia, Pennsylvania

PostPosted: Sun Apr 15, 2007 7:24 am    Post subject: Reply with quote

Tom Greenlee wrote:
I don't get it.....out of all the businesses that matter...they pick voices.com and v123 to hack? odd choices for hackers I think.


this was most likely based on an existing vulnerability that has been in the wild for some time. You use google (the hacker's best friend as far as tools go), search for the vulnerability (usually by file name or BB version number), and then apply a kiddie script to exploit the vulnerability.

It's either that, or Lou's suggestion... especially with the recent 0-day exploit that's come out (one of the variants does allow for this type of attack).
_________________
Voiceovers by Gregory Houser
Philadelphia based Voice Actor

Blog - A man, a martini, and a lot of microphones
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger
Dave
Lucky 700


Joined: 11 Nov 2004
Posts: 727
Location: Houston, Texas

PostPosted: Sun Apr 15, 2007 8:14 am    Post subject: Reply with quote

Three weeks ago all three of my websites (two voiceover sites and my internet radio stations) were hacked by these guys. Grrrrrrrrr!!!!!! Course, at the time I thought it was just a random thing... but now... I dunno!
_________________
. If at first you don't succeed, then bomb disposal probably isn't for you.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    VO-BB - 20 YEARS OLD! Forum Index -> Chat All times are GMT - 7 Hours
Goto page Previous  1, 2, 3, 4  Next
Page 2 of 4

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group