4 replies to this topic

[Mully]

When you type "Nerfhaven" into Google, the first thing that pops up, is, of course, NH. But below the name of the website, and url, or whatever that bit of green text is, there's a warning that I've noticed for about a week now, that suggests that "this site may be hacked." It was a link, I hit it, and it directed me to this page in google's troubleshooting directory.
Admin's, are we good? I hope the warning popped up because of the recent influx in spam-bots, I just want to be sure.

Edited by Mully, 21 February 2014 - 11:15 PM.

[Ice Nine]

The administration is aware of the problem and is working hard to find a solution. My (poor) understanding of the situation is that there's some kind of spammy injection going on such that when Google's crawlers visit the site, they see pop-up Viagra ads. Thankfully, users don't see this, but it causes Google to raise a flag.

Thanks for the concern. It's being worked on.

[snickers]

they see pop-up Viagra ads.

Hahaha, the irony.

[DX-Robert]

Take your passwords dead seriously. A good exercise to decrease your personal vulnerability is to review all your online accounts and to make sure that:

A: No password is repeated (at least anywhere you care about)
B: You've used the maximum search space allowed (some places disallow special characters, set a max length limit, etc)
C: Your email account logins are bulletproof (as Email access can be the most catastrophic single point of failure in your entire online identity). 2 factor authentication, massive password, opt out of paperless bank statements, delete or move out old emails that tell an attacker what accounts are linked with that email address (stop getting those notifications if possible like on Facebook). Don't use an app that automatically logs you into email on mobile unless it's a separate address. Consider splitting your important accounts between several email addresses that nobody knows about yet.

The best way to make passwords, albeit the toughest to remember, is to use a random password generator with a truly random method for entropy. If you're too lazy for that, just make your password really long (pad it) and as long as you've got at least one of each of the A-Z,a-z,0-9,special character types included, it will never be broken by classical computers. Even if the database containing your (hopefully encrypted, hopefully not md5) password is hacked, you will be able to change it well before anyone can successfully brute force it. What was my primary email address is targeted often enough that I have no choice but to give up convenience and fortify the castle.

Cyber security is like speeding, you have to be perfect every time, but they only need you to slip up once.

[Doom]

The email spam I started getting yesterday makes it a possibility that someone may have been able to steal the NH database of user email addresses.


Although the specific email I examined actually came from a compromised host in the Netherlands, it claims to have been sent by Noodleownz, and other vaguely familiar names appeared on "To" addresses. The spammers had to get it either from the site or from another member, because I created an email address just for NH. It's probably even slightly more likely that some member who has exchanged email with me in the past was hacked, there are so many 0-day hacks for windows browsers now.

I'm willing to share the list of addresses and associated names but only with a site admin, if anyone cares to bother checking the database. If the addresses were to all match NH members, then the probability the addresses were hacked from here would be higher. I wouldn't even suggest it should be any priority, though. Spammers eventually get everything.

Regardless, I recommend everyone change your NH password.
And if you were ever fool enough to use the same password anywhere else, change those too, and make each one unique this time.

Please forward the email and anything else relevant to me ASAP. My email is ben.trettel at gmail.

We have known about the hacking issue since it started, but so far we have not really done anything about it because it seems the hacker could regain access without much difficulty. The plan is to restore a filesystem backup from before the hack, upgrade the forums, and then continue from there. I'll see what I can do to annoy the hacker, though.