[Theory] How the site was "hacked" and what you can do to stay safe

Discussion in 'Site Discussions & Suggestions' started by Sasori, Jan 12, 2017.

Thread Status:
Not open for further replies.
  1. Sasori
    OP

    Member Sasori GBAtemp Maniac

    Joined:
    Jan 28, 2015
    Messages:
    1,214
    Country:
    United States
    I can almost guarantee that this was just a simple bruteforce to get passwords using a program called SentryMBA, and not an exploit. Similar. This is a similar method that people use to get access to netflix, hulu, and minecraft accounts. The same thing happened to Se7enSins a few months ago. So this is all coming from experience and what us and our staff team did to prevent as much damage as possible. While this method of attack is of course a theory. I do recommend that you do not take this suggestion lightly.

    1. Change your password to something new. I recommend using this site to generate a secure password
    2.
    It was brought to my attention that the admin team disabled this feature of xenforo

    If you do one or both of these you will be perfectly fine. Although I doubt most of us will have any issues anyway since the script kiddies are only interested in popular/powerful accounts.

    i.e Hundshammer, auroram and staff members
     
    Last edited by Sasori, Jan 12, 2017
    hobbledehoy899 likes this.
  2. N64

    Member N64 GBAtemp Fan

    Joined:
    Apr 16, 2014
    Messages:
    419
    Country:
    United States
    theres no 2FA on this site.
     
  3. VinLark

    Member VinLark Take this 5

    Joined:
    Jun 11, 2016
    Messages:
    3,417
    Location:
    4chan and other wonders of the internet
    Country:
    United States
    Never seen F2A on this site

    Have you been hacked?
     
  4. Sasori
    OP

    Member Sasori GBAtemp Maniac

    Joined:
    Jan 28, 2015
    Messages:
    1,214
    Country:
    United States
    Its built into Xenforo. So an admin must of went out of their way in the ACP(admin control panel) and disabled it...ugh. Ill make a note thank you. I wasn't aware that they disabled it since that doesn't make much sense security wise.

    No sir. Always have those unique passwords ;)
     
  5. VinLark

    Member VinLark Take this 5

    Joined:
    Jun 11, 2016
    Messages:
    3,417
    Location:
    4chan and other wonders of the internet
    Country:
    United States
    Wow it got disabled

    Let's just throw this site out next, shall we? I can't believe the admins would do that fuck.
     
  6. Ronhero

    Member Ronhero Too Weird to Live, Too Rare to Die

    Joined:
    Jun 28, 2014
    Messages:
    2,993
    Location:
    Arizona Bay
    Country:
    United States
    GBAtemp is powered by XenForo which uses a strongly "salted" encryption for passwords
     
  7. Sasori
    OP

    Member Sasori GBAtemp Maniac

    Joined:
    Jan 28, 2015
    Messages:
    1,214
    Country:
    United States
    That doesn't mean tools like SentryMBA still can't be used.
     
    VinLark likes this.
  8. Ronhero

    Member Ronhero Too Weird to Live, Too Rare to Die

    Joined:
    Jun 28, 2014
    Messages:
    2,993
    Location:
    Arizona Bay
    Country:
    United States
    I was hacked too remember. I am the one who first notified admins.... got called a troll and had my post moved to EOF
     
  9. zoogie

    Member zoogie simple pimp tool

    Joined:
    Nov 30, 2014
    Messages:
    5,449
    Country:
    United States
  10. Ronhero

    Member Ronhero Too Weird to Live, Too Rare to Die

    Joined:
    Jun 28, 2014
    Messages:
    2,993
    Location:
    Arizona Bay
    Country:
    United States
  11. Sasori
    OP

    Member Sasori GBAtemp Maniac

    Joined:
    Jan 28, 2015
    Messages:
    1,214
    Country:
    United States
    That doesn't mean that users don't share usernames and passwords


    That still doesn't debunk a program like SentryMBA potentially being apart of this...I recommend reading up on that program and how it works before replying again. Not trying to cause an argument but you honestly seem like you don't quite understand the terminology of whats going on here. Your last reply to Zoogie gives some strength to that statement as well.

    I apologize for saying that, especially since this is a theory. But you are trying to refute theories with statements that make no sense. :(
     
  12. Ronhero

    Member Ronhero Too Weird to Live, Too Rare to Die

    Joined:
    Jun 28, 2014
    Messages:
    2,993
    Location:
    Arizona Bay
    Country:
    United States
    Mkay I'll just leave
     
  13. pwsincd

    Member pwsincd Garage Flower

    Joined:
    Dec 4, 2011
    Messages:
    3,104
    Location:
    Manchester UK
    Country:
    United Kingdom
    Which site was hacked... ?
     
  14. Sasori
    OP

    Member Sasori GBAtemp Maniac

    Joined:
    Jan 28, 2015
    Messages:
    1,214
    Country:
    United States
    A few users had their accounts compromised on this site.
     
  15. pwsincd

    Member pwsincd Garage Flower

    Joined:
    Dec 4, 2011
    Messages:
    3,104
    Location:
    Manchester UK
    Country:
    United Kingdom
    ok cause our IRC channel and specifically my login was compromised and it carried the same password as here.. so it seems peoople are using the info gained.
     
  16. TotalInsanity4

    Member TotalInsanity4 GBAtemp Supreme Overlord

    Joined:
    Dec 1, 2014
    Messages:
    6,159
    Location:
    Under a rock
    Country:
    United States
    Basically there's a hacker on the site that seems to have some sort of vendetta against Luma3DS
     
  17. p1ngpong

    Supervisor p1ngpong Legit Boss Harold

    Joined:
    Apr 18, 2008
    Messages:
    6,362
    Location:
    DS Scene
    Country:
    Croatia
    Speculation threads with no proof arent helping anyone, but so far I see no evidence that this is a mass hack over something like bruteforcing like the OP says. Just change your passwords to something complex to secure your accounts.
     
    Chary, T-hug, VinsCool and 3 others like this.
Thread Status:
Not open for further replies.

Share This Page