A Rather Sad Announcement 06-01-2013, 05:43 PM
#1
There's no nice way of announcing this. I won't candy-coat feces and expect you guys to eat it. Without a doubt, this is a bad situation.
Unfortunately, the site was defaced late last night and it is possible the culprits obtained a backup of the database. Within 2 minutes of the deface being up, I had removed it and shut off the site's services (mysql.d, php-fpm, and nginx). After going through logs, it was apparent the attackers had access to the server prior to placing the deface. If I wanted to, I could probably lie to you all and pretend it never happened. Obviously, you guys know me, and you know I'd never betray your trust or do something like that.
Although our track record for security has been flawless, it makes sense that something like this happened. I have been up all night going through logs, talking with people, planning, and stuff like that. From the logs, it appears the attackers managed to obtain the password of a staff member and imported a shell from the admin panel. With that shell, it is likely that they obtained the database and they took a copy of the theme. The database is just data and the theme is just styling. We know where our users are!
To protect the users of Sinisterly, I will force a password change on everybody. Since there is a possibility the database was compromised, this is necessary. I have also moved our site to our backup box until the previous box is deemed safe again. This shouldn't happen again, although there is always the slim possibility of an aftershock from events like these. I will do my best and continue devoting my time towards Sinisterly. Let's take this event as encouragement to make the forum even more awesome and not let it keep us down! :D
Drop your questions and concerns below. I will definitely try to respond to all of your posts.