Jump to content


Toggle shoutbox Shoutbox Open the Shoutbox in a popup

@  RedG : (09 September 2021 - 02:40 PM)

yo yo

@  Shadow : (08 September 2021 - 10:16 PM)

Greetings, visitor

@  DMoney : (08 September 2021 - 02:08 PM)

hey whattup everybody!

@  furrykef : (03 September 2021 - 07:07 AM)

*pokes the shoutbox*

@  Lord Exor : (12 May 2021 - 05:12 PM)

Sonic Prime seems like an interesting opportunity with that purported multiverse angle.

@  Shadow : (12 May 2021 - 05:04 PM)

Barely. Holding out for the big update.

@  Lord Exor : (12 May 2021 - 05:00 PM)

It's good to see the place still kicking.

@  Lord Exor : (12 May 2021 - 04:59 PM)

How have you been?

@  Lord Exor : (12 May 2021 - 04:59 PM)

I've been floating around here and there.

@  Lord Exor : (12 May 2021 - 04:59 PM)

I think it's been about a decade at this point, right?

@  furrykef : (12 May 2021 - 04:44 PM)

I haven't seen you in ages, man! Where ya been?

@  Shadow : (12 May 2021 - 04:44 PM)

Hey, if it isn't Lord Exor. Long time no see.

@  Lord Exor : (12 May 2021 - 04:32 PM)

Hi.

@  furrykef : (08 May 2021 - 01:50 AM)

The Sea3on Discord: https://discord.gg/qQrqAvG

@  FreezyTailrazor : (07 May 2021 - 08:57 AM)

What's this about a discord?

@  FreezyTailrazor : (07 May 2021 - 08:57 AM)

Long time no see.

@  Ishapar : (29 April 2021 - 10:20 AM)

I will check things out once in awhile, but right now I am mostly trying to work on getting back on my own two feet after struggling for a near decade.

@  Shadow : (20 April 2021 - 11:59 PM)

I lurk but am mainly on the discord server

@  Altair the D... : (20 April 2021 - 08:44 AM)

I think that describes most of us, eh? ;)

@  GamemasterAn... : (20 April 2021 - 05:46 AM)

Physically, yes. Mentally...that's debatable...


Photo

Fus Has Been Hacked


  • Please log in to reply
4 replies to this topic

#1 FUS News Robot

FUS News Robot

    Extra! Extra!

  • Newsbot
  • 200 posts
  • Gender:Not Telling

Posted 07 June 2015 - 09:00 PM

I have some grave news, amigos.

On May 30th, FUS was hacked by a spammer. We still don't know for 100% certain how they got in, but I'm 99% certain they got in through a Wordpress exploit, since our Wordpress was rather out of date. The main thing they did, possibly the only thing, was put up a bunch of spam pages and maybe send out spam e-mails.

But there is also a chance they got ahold of the forum database, including the password table. The passwords are encrypted (or more accurately "hashed"), which means they cannot just read your password, but they might be able to decode some of them. If you reused your FUS password anywhere else, such as for an e-mail account, we highly recommend changing those passwords just to be safe. Also, though we think the chance is tiny, FUS may still be compromised for the moment. Now, the chance they got or will get your password is very small, but it's not impossible.

We think we have patched up the security holes, but the nature of security is one can never be too sure. So what we're going to do is torch the site and run. *ahem* I mean, we're going to make a big backup of everything, wipe the server, and then put everything back in as secure a manner as possible. That means that, within a day or two, FUS is going to be down for probably a few hours. We won't lose anything; when we're back up, everything will still be there and, we hope, it will look as though nothing had ever happened.

We deeply apologize for the inconvenience. Heck, it's a hassle for us too! But bear with us and everything should be fine within a couple of days, OK?

Read the full story here



#2 furrykef

furrykef

    Fellow FUSer

  • Tech Guy
  • 4,530 posts
  • Gender:Male

Posted 09 June 2015 - 12:07 AM

I have not done the full reinstall just yet. I may start the process within the next couple of hours or I might wait until tonight; it depends on when I finish preparations and how confident I am in them.

Anyway, it seems clear now that FUS is currently compromised. A malicious "indes.php" (note the "s") file was uploaded or generated a few hours ago which allows anyone who uses it to execute arbitrary PHP code. Hopefully, this was just generated by something left over from the previous hacking and isn't a sign of new hacking, in which case things should still be back to normal after I do the full reinstall.

#3 HeavensChampion

HeavensChampion

    Fellow FUSer

  • Fellow FUSer
  • 303 posts

Posted 09 June 2015 - 12:25 AM

I've changed my password, and I'll say just that.



#4 Arekkisu

Arekkisu

    The Pymann

  • Game Staff
  • 1,437 posts
  • Gender:Male
  • Location:Earth

Posted 10 June 2015 - 10:22 AM

Should I do a double check through all my files because my site is hosted through FUS or should I be safe?


J6GqqRM.jpg


#5 furrykef

furrykef

    Fellow FUSer

  • Tech Guy
  • 4,530 posts
  • Gender:Male

Posted 10 June 2015 - 10:33 AM

I upgraded your Wordpress to 4.2.2 last night, and I haven't found anything compromised in it. Your site should be safe. You may still want to change the password of your Wordpress account, because they may still have read your database, but you might as well wait until the reinstall first 'cause FUS may still be compromised (and so you'd just have to change it again).


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users