Jump to content


Toggle shoutbox Shoutbox Open the Shoutbox in a popup

@  Nex : (28 October 2020 - 10:15 AM)

You can panic all you like though. Just don't you DARE painc!

@  John Roberts : (28 October 2020 - 03:14 AM)

Don't painc!

@  tiff15 : (23 October 2020 - 09:14 AM)

Thanks for the welcome guys. Im working with Octascratchrock right now on our RP series. once thats up to snuff, we can continue the series here (I hope.) I'll also see about moving my fan fiction series here as well.

@  Shadow : (15 October 2020 - 12:36 PM)

All your base are belong to us.

@  Ishapar : (13 October 2020 - 12:16 PM)

So the last two days had the most shoutbox activity. We broke a record, mates!

@  Ishapar : (13 October 2020 - 12:11 PM)

I haven't been doing much of anything in life, so I really haven't been to forums either. Hey, tiff15, welcome back.

@  Nex : (13 October 2020 - 12:54 AM)

Ya most of the FUS monkeys like to hide in the Discord server these days.

@  tiff15 : (12 October 2020 - 05:02 PM)

I see. well, Im just glad someone answered at some point. Ive been to less active forums, so this is fine! ^-^

@  furrykef : (12 October 2020 - 11:28 AM)

This forum isn't terribly active, unfortunately...

@  tiff15 : (11 October 2020 - 05:19 PM)

Is anyone on tonight?

@  tiff15 : (11 October 2020 - 01:18 PM)

Finally got back in! I missed this place!

@  wildfire : (13 September 2020 - 10:28 PM)

This is starting to become a monthly "thing" with me. Not that I mind though. What it is Shoutbox?

@  MoKat : (01 September 2020 - 08:38 AM)

*gives Ishpar a bottle of Gorilla Glue* U broke it, u can fix it :D

@  Ishapar : (29 August 2020 - 12:39 PM)

There, the quiet has been broken.

@  Ishapar : (29 August 2020 - 12:39 PM)

AHH!!@

@  Wulfsbane : (24 August 2020 - 07:21 AM)

Ye, it's been quiet here

@  MoKat : (22 August 2020 - 09:40 AM)

Looks like not much is up here, Wildfire. *looks down* Not much is down either :D

@  MoKat : (22 August 2020 - 09:39 AM)

Heh, neveermind Wulfsbane; it was just the new layout messing with me :/

@  wildfire : (20 August 2020 - 08:53 PM)

What up FUS? Thought i'd lurk a bit tonight.

@  MoKat : (20 August 2020 - 08:17 AM)

Hey, Wulfsbane! Woulda tell RedStranger I cannot login to FSoM now?


Photo

Fus Has Been Hacked


  • Please log in to reply
4 replies to this topic

#1 FUS News Robot

FUS News Robot

    Extra! Extra!

  • Newsbot
  • 200 posts
  • Gender:Not Telling

Posted 07 June 2015 - 09:00 PM

I have some grave news, amigos.

On May 30th, FUS was hacked by a spammer. We still don't know for 100% certain how they got in, but I'm 99% certain they got in through a Wordpress exploit, since our Wordpress was rather out of date. The main thing they did, possibly the only thing, was put up a bunch of spam pages and maybe send out spam e-mails.

But there is also a chance they got ahold of the forum database, including the password table. The passwords are encrypted (or more accurately "hashed"), which means they cannot just read your password, but they might be able to decode some of them. If you reused your FUS password anywhere else, such as for an e-mail account, we highly recommend changing those passwords just to be safe. Also, though we think the chance is tiny, FUS may still be compromised for the moment. Now, the chance they got or will get your password is very small, but it's not impossible.

We think we have patched up the security holes, but the nature of security is one can never be too sure. So what we're going to do is torch the site and run. *ahem* I mean, we're going to make a big backup of everything, wipe the server, and then put everything back in as secure a manner as possible. That means that, within a day or two, FUS is going to be down for probably a few hours. We won't lose anything; when we're back up, everything will still be there and, we hope, it will look as though nothing had ever happened.

We deeply apologize for the inconvenience. Heck, it's a hassle for us too! But bear with us and everything should be fine within a couple of days, OK?

Read the full story here



#2 furrykef

furrykef

    Fellow FUSer

  • Tech Guy
  • 4,521 posts
  • Gender:Male

Posted 09 June 2015 - 12:07 AM

I have not done the full reinstall just yet. I may start the process within the next couple of hours or I might wait until tonight; it depends on when I finish preparations and how confident I am in them.

Anyway, it seems clear now that FUS is currently compromised. A malicious "indes.php" (note the "s") file was uploaded or generated a few hours ago which allows anyone who uses it to execute arbitrary PHP code. Hopefully, this was just generated by something left over from the previous hacking and isn't a sign of new hacking, in which case things should still be back to normal after I do the full reinstall.

#3 HeavensChampion

HeavensChampion

    Fellow FUSer

  • Fellow FUSer
  • 302 posts

Posted 09 June 2015 - 12:25 AM

I've changed my password, and I'll say just that.



#4 Arekkisu

Arekkisu

    The Pymann

  • Game Staff
  • 1,437 posts
  • Gender:Male
  • Location:Earth

Posted 10 June 2015 - 10:22 AM

Should I do a double check through all my files because my site is hosted through FUS or should I be safe?


J6GqqRM.jpg


#5 furrykef

furrykef

    Fellow FUSer

  • Tech Guy
  • 4,521 posts
  • Gender:Male

Posted 10 June 2015 - 10:33 AM

I upgraded your Wordpress to 4.2.2 last night, and I haven't found anything compromised in it. Your site should be safe. You may still want to change the password of your Wordpress account, because they may still have read your database, but you might as well wait until the reinstall first 'cause FUS may still be compromised (and so you'd just have to change it again).


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users