Okay Ladies and Gentlemen,
First off, let me start by apologising for what has happened recently.
For those that don’t know, the 406 Owners Club forums had been hacked. As yet, no one has claimed responsibility for the attack, and the reasons for the attack are unknown.
I would like to reassure all our members that all your data, i.e. passwords are safe, and they were NOT compromised (I’ll explain how below).
Unfortunately, I have been staying at the girlfriend’s for a while and she doesn’t have internet access. The first I found out about it was tonight, when Foxy PM’d me.
From what I can gather, this was just some punk who spotted a hole in the security of the forum, and exploited it just for the sake of exploiting it. I am currently in talks with the hosting provider to trace the ISP of the culprit, and hopefully legal action will ensue.
As you know, the 406 Owners Club site is built around the phpBB forum software, using the current stable 2.x release branch. As a responsible Admin, and site owner, I ensured that it was kept up to date, with the latest security fixes and patches, however as the software is purely forum software, I had to add a few “modifications” so the site could do what we require. Unfortunately, I fell by the wayside in updating one particular module, which, as you can see, has caused data to be lost.
Specifically, the Links section. The attacker used a method called the “SQL Injection”. A SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. [Taken from Wikipedia - http://en.wikipedia.org/wiki/SQL_injection]. The attacker crafted the links.php file to create an admin user, and from that, had access to the general board data.
They DID NOT have access to the actual database itself, ensuring that passwords and other data remained intact.
As a result of this second attack on the site – Foxy very quickly and promptly directed all users to the playground. This is where I try out new software for the forum, and recently asked users to have a play here to give me some feedback.
I was planning on waiting for a couple of weeks before opening this up as the actual forum, but due to the current situation I believe it is warranted.
As a result, however, any users who registered recently, and all posts made recently have been deleted.
Again, I am currently in talks with my host provider to see if any types of backups were made with regards to the data, to see if any of the forum posts can be rescued, and I’ll update everyone accordingly.
Because of this security breach, and the fact it took so long for me to find out, I have decided to ask for moderators for the forums, to help me, Niz and Foxy, subject to discussing this through with them. I don’t seem to have their mobile numbers, but if anyone has them, can you pass them to me?
Again, I sincerely apologise. This is not something that should have happened, and from what I can see, it was purely by chance that they found this site, and specifically, that file. Again, I’m sorry.
*I would like to point out that the original amount of swear words in this post made MS Word crash. For the geeks out there – the BSOD came up ’cause there was so many blue words! Well, you got to smile in times like these...
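
The two failure modes named in the SQL injection definition quoted above (string-literal escape characters that are not filtered, and input that is not strongly typed), each shown beside a corrected form. This is an added example, not code from phpBB or from the Links module; the `links` table, its columns, the function names and the sample inputs are all constructed for illustration.

```python
import sqlite3

# Assumed schema and constructed sample rows (not phpBB's or the Links module's).
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE links (id INTEGER PRIMARY KEY, title TEXT, approved INTEGER)")
    db.executemany("INSERT INTO links VALUES (?, ?, ?)",
                   [(1, "Club homepage", 1), (2, "Parts supplier", 1), (3, "Pending link", 0)])
    return db

# Constructed inputs that change the meaning of a concatenated statement.
UNTYPED_INPUT = "1 OR 1=1"
UNESCAPED_INPUT = "x' OR 'a'='a"

def by_id_unsafe(db, link_id):
    # Not strongly typed: text after the number is parsed as SQL.
    sql = "SELECT title FROM links WHERE approved = 1 AND id = " + link_id
    return sorted(row[0] for row in db.execute(sql))

def by_title_unsafe(db, title):
    # Quote characters not escaped: the input can close the string literal.
    sql = "SELECT title FROM links WHERE approved = 1 AND title = '" + title + "'"
    return sorted(row[0] for row in db.execute(sql))

def by_id_safe(db, link_id):
    # Enforce the expected type, then bind the value instead of concatenating.
    try:
        link_id = int(link_id)
    except ValueError:
        return []
    sql = "SELECT title FROM links WHERE approved = 1 AND id = ?"
    return sorted(row[0] for row in db.execute(sql, (link_id,)))

def by_title_safe(db, title):
    # A bound parameter is always treated as data, quotes included.
    sql = "SELECT title FROM links WHERE approved = 1 AND title = ?"
    return sorted(row[0] for row in db.execute(sql, (title,)))

if __name__ == "__main__":
    db = make_db()
    print(by_id_unsafe(db, UNTYPED_INPUT))       # the unapproved row is returned
    print(by_title_unsafe(db, UNESCAPED_INPUT))  # the unapproved row is returned
    print(by_id_safe(db, UNTYPED_INPUT), by_title_safe(db, UNESCAPED_INPUT))
```

In both unsafe functions the `approved = 1` filter is bypassed because the input is parsed as part of the statement; the safe versions return nothing for the same inputs and still answer ordinary lookups.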