OK, I promised I'd let everyone in on what exactly hapenned regarding this site's first ever hacking attempt.
First of all, This occurred about 8 months ago, but I only got aware of what had been tried since about one month. Indeed, my busy schedule kept me from doing a rundown of the server logs, so as to check if there wasn't something out of the common. I was looking for stuff like oddly excessive traffic and other assorted stuff. With >48,000 spam accounts blocked in less than one year , one cannot be careful enough, right? Since I am not by formation an expert in Internet security, I figured it wouldn't be a bad idea to do a quick cursory look on the server logs, in search for some common hacks/exploits attempts.
The several searches I carried out yielded only one result
n
The first thing I found weird was the attempt at hijacking the SQL database of the server. Odd I thought. Then I did a quick search to the offending IP (74.137.34.86) expecting to have a hit from typical places such as Russia, Ukraine, China, or even France. Yet lo and behold, the IP came from Kentucky,
US.
NetRange: 74.128.0.0 - 74.143.255.255
CIDR: 74.128.0.0/12
OriginAS:
NetName: INSIGHT-COMMUNCATIONS-CORP
NetHandle: NET-74-128-0-0-1
Parent: NET-74-0-0-0-0
NetType: Direct Allocation
RegDate: 2006-04-07
Updated: 2012-02-24
Ref: http://whois.arin.net/rest/net/NET-74-128-0-0-1
OrgName: INSIGHT COMMUNICATIONS COMPANY, L.P.
OrgId: INSIG-7
Address: 10200 Linn Station Road
Address: Suite 125
City: Louisville
StateProv: KY
PostalCode: 40223
Country: US
RegDate: 2005-02-07
Updated: 2012-03-28
Ref: http://whois.arin.net/rest/org/INSIG-7
That
also seemed... odd...
My first reflex was to check the look for any hits of this IP on this site. I found out that this was an IP the "Jesus" account had posted three times from on this site.
Everyone knew that "Jesus" was Feyd_Ruin from MTGS, since at the time he requested that some former user "Jesus" surrendered his forum name (he changed it to "Iesus") so that he could find his "rightful" name.
Knowing that Feyd_Ruin had tried to hijack the site's SQL database (Although through outdated exploits, which means he achieved no illegitimate access, I could confirm this myself), I tried to dig deeper on this hacking attempt logs. All this occurred the 23rd November 2012, during the space of 40min. I went to re-check what was ocurring both here (the postings at that time) and on MTGS (the leaked mod lounge posts we were sent by a honorable staff member of MTGS), and the major event that occurred at that time was Sene posting
his discontent about the MTGS Razzies (The legendary post that was at the onset of the Blathering threads legacy) just the day before:
22nd November 2012
One would think you'd move on and try to focus your considerable resources on building your own welcoming & quality community to rival MTGS, instead of making this a site an outlet for pettiness and satisfying personal grudges.
Just saying.
At about the same time we had received this info about the MTGS mod lounge:
16th November 2012
Feyd_Ruin applied for tech. He's now making magic tricks in Mod Chat with HTML and BBcode to impress the kids so they hire him.
And it is not difficult to make the logic leap that one of the tricks he tried was hijacking this site's
database, perhaps to snitch on the honorable person who has been sharing us the info about the deceit and lies that MTGS has pulled on many of this site's members.
I withheld this info for some more time because I wanted some independent confirmation that an IP search on this IP gave hits on MTGS, and I've been told this week that this is correct and points to no other than Feyd_Ruin.
For me there can be no doubts that a technician of MTGS tried to hack the database of this site, probably on a futile attempt to expose the person who alerted us on the sale of MTGS and the true reasons behind the mass bannings at MTGS (which apparently are being reenacted one year after).
I was really dumbfounded by this because I honestly thought this pointless conflict would stop at just bemoaning and demonising people like myself, with just slander about the so-called "malicious actions" that I took against MTGS (exposing the sale to Curse as the real reason behind the shutdown of a subforum of MTGS and
the persecution towards is members, for the simple reason that the subforum wouldn't conform to the future TOS of the site). I would never imagine that a current staff member of MTGS would go as far as trying to hack this site, and to be honest, I'm not even mad. I just find this more sad than anything else.
So there you go. You people know everything about this affair. I know there are many decent people on the lower ranks of MTGSalvation staff, and I welcome them to search 74.137.34.86 on their IP lookup tools.
Originally posted by Galspanic on MTGS
I would still like to see the posts sent over to ( N_S ) and have the Salvation Gutter archived away and replaced with a link to MTGC.
Thank you for all the lies. Another fine display of integrity by iridium
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
Seems like a good CI thread, why is hacking DTR a bullet point on a resume that MTGS is looking for?
Good question
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
It's too bad we don't have a secret subforum where we can coordinate troll attempts where only we can see so that we don't have to catch on because only one of us is an actual rocket scientist.
I am particularly interested in committing internet genocide
I told him to quit bitchin, this isn't a fuckin hotline
It's too bad we don't have a secret subforum where we can coordinate troll attempts where only we can see so that we don't have to catch on because only one of us is an actual rocket scientist.
I am particularly interested in committing internet genocide
In his defense, it wasn't like he tried really hard. I actually had to delve pretty deep into the archives to find that nosploit. Union selects are garbage against internet forum software, any skiddy can tell you that, and like I keep saying Debian has some of the cleanest tiers I've seen so there was like a negative percentage chance that it would work. Plus let's not forget that proxying an IP is like the simplest thing ever. Not that I'm not saying I don't believe it, just laying out the counterargument.
Lol, their "24 hour 7 day a week" line just takes you to an automated message to call back during business hours. Don't believe their lies, they're in on it too!
It's too bad we don't have a secret subforum where we can coordinate troll attempts where only we can see so that we don't have to catch on because only one of us is an actual rocket scientist.
I am particularly interested in committing internet genocide
I want to blather here, but this isn't a blather thread
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
Eric, Ren and Jensen were activists
Heads loaded with theory, their hearts are filled with passion
Shared the same left wing politics
Liked the same music, they were part of the protest movement
Now, Anna presented herself as a feminist
Studied the way they talked and dressed
Fashioned herself an anarchist
Eric fell in love with Anna at the meeting of the crime think conference
He didn't know it but Anna was an FBI informant
, one cannot be careful enough, right? Since I am not by formation an expert in Internet security, I figured it wouldn't be a bad idea to do a quick cursory look on the server logs, in search for some common hacks/exploits attempts.
