View Full Version : Sorry about that

Jason Ramsey
09-09-2013, 09:14 AM
Hello, all. Looks like the site was briefly compromised a little while ago. It doesn't appear to be anything to be alarmed about. Basically the offending party very briefly gained access to the site and created a global notice with a snippet of code inside that caused bmcuser to re-direct to another site with a political message about the goings on in Syria.

The breach was quickly identified after being brought to my attention, and corrected within a few minutes. I put the site in maintenance mode shortly after that out of an abundance of caution while we ran some scans to make sure all was good. At that time we also made a few tweaks and performed a small update to the site software to close the exploit.

Based on activity logs, I don't believe there is any reason to believe that anyone's personal information or accounts have been compromised. Further, all passwords on the site are encrypted. I am not even able to see them. That said, please feel free to reset/change your password if you were on the site earlier and witnessed the re-direct that was temporarily in place. It is a good habit to get into, anyway.

Sorry for the temporary down time, and any inconvenience caused. And, thanks for your patience.

09-09-2013, 09:17 AM
No problem man. You guys got on it right away.

09-09-2013, 09:37 AM
good job, solved it fast.

09-09-2013, 09:37 AM
That was quick, Jason. Seems an associated forum has been offline for a lot longer.

Jason Ramsey
09-09-2013, 09:53 AM
Yes. Server upgrades.

Trevor Roach
09-09-2013, 10:13 AM
Sad to hear about these attacks. Roger Deakins had his down because of an attack. The Mods had to restart the forum, with all that valuable DP knowledge either being lost, or stored in an archive. Really just sick.

Glad you guys figured it out and are back up, did a great job Jason.

09-09-2013, 10:38 AM
investigation time. who has a grudge against such forums? perhaps if only 1 forum remains unhacked....

09-09-2013, 11:16 AM
Yep, saw that earlier today and tweeted about. Glad to hear it's fixed. Funny thing is DVXUSER was down earlier as well - wondering of that had to do anything with the hacking?

Jason Ramsey
09-09-2013, 11:43 AM
No. dvxuser has been undergoing server upgrades and maintenance. completely unrelated. (though, taking significantly longer than expected)