Forum Security Breach?

Posted: Wed May 05, 2004 11:22 pm
by SkaarjMaster
I just got an e-mail with cdrlabsforum in the TO and FROM and suggesting that this forum has security problems with a link to a web site in Russian or some other strange language. Did anyone else get this? :-?

Posted: Thu May 06, 2004 1:59 am
by hoxlund
I got that same email, here I'll post what was in it:

The following is an email sent to you by an administrator of "CDRLabs.com". If this message is spam, contains abusive or other comments you find offensive please contact the webmaster of the board at the following address:

forums@cdrlabs.com

Include this full email (particularly the headers).

Message sent to you follows:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Helo! I am K0r0l From Acolytez TEAM... I`m glad to tell u, than ur site & ur forum has many problems in security! Plz! visit http://www.acolytez.com for details

Posted: Thu May 06, 2004 6:57 am
by socheat
Yeah, yeah, yeah... We all got that. That Korol guy used a recently announced security flaw in phpBB and got in. I was actually logged in a few minutes before he made his "attack". :-? We took the site down immediately, and started re-securing the site. He was kind enough to send out a mass email about it through the forums admin panel. :-?

Posted: Thu May 06, 2004 11:22 am
by hoxlund
Well OK, I guess that's fine, as long as he's a responsible hacker

Posted: Thu May 06, 2004 3:07 pm
by Justin42
Did they get any information, or were they just able to send messages out?

Posted: Thu May 06, 2004 4:59 pm
by socheat
It is possible that the hacker grabbed your passwords while he had admin rights. It would probably be a smart move to change your password if you are concerned with them accessing your forum account.

Posted: Thu May 06, 2004 5:29 pm
by dolphinius_rex
Umm, that might be something worth mentioning to the whole forum I think.

Posted: Fri May 07, 2004 1:35 am
by pranav81
hoxlund wrote: Well OK, I guess that's fine, as long as he's a responsible hacker

Yeah, I second that, a responsible hacker..... :wink:

::Pranav::

Posted: Fri May 07, 2004 7:54 am
by MediumRare
Socheat wrote: It is possible that the hacker grabbed your passwords while he had admin rights. It would probably be a smart move to change your password if you are concerned with them accessing your forum account.

hoxlund wrote: Well OK, I guess that's fine, as long as he's a responsible hacker

Initially I thought, OK, that's a friendly reminder to do something - they didn't send any spam or stuff. Now I'm not so sure - they have a list of almost 8000 e-mail addresses of people with tech interests. They've checked which ones are still active with this "friendly reminder". Assuming that half are still valid, 4000 verified e-mail addresses for a special interest community are worth some money in the (in)appropriate hands.

I'm changing my password and keeping my eyes open. :o
G

Posted: Fri May 07, 2004 8:32 am
by socheat
If it makes you feel any better, I'm pretty sure he didn't get many emails/passwords.

I logged on at 7AM EST, and the site was fine. I was reading through the amusing avatars thread. I clicked to go to the next page when I noticed the forums were "down" with the interesting new title. I checked the homepage, noticed the same message. I took down the entire site. Total time between noticing the site was hacked and taking the site down was at most 4-5 minutes.

I have a friend who can read Cyrillic, so was able to mostly decipher the hacker's website. Under the defacement section, he proudly boasts cdrlabs.com as a successful hack. He claimed he got 4-5 passwords, 2 of which were admin passwords. That's when he was able to gain access to the administrative panel and send out the mass email. I will emphasize this next part because it's important to note: The phpBB admin panel has a one click button to send out emails to all members. The hacker does not have a hardcopy list of all our members' email addresses. Just a small handful.

We would still advise everyone to change their passwords to be safe, but the most important ones, the admin/moderator passwords must be changed. As far as I know, we have all changed our passwords. We didn't want to cause a mass panic by saying "CHANGE YOUR PASSWORDS NOW!" :wink:

Hope that helps.

Posted: Fri May 07, 2004 8:48 am
by MediumRare
Socheat wrote: If it makes you feel any better, I'm pretty sure he didn't get many emails/passwords.

...

Hope that helps.

It does actually, thanks. I did change my password just now, with the result that I tried out 14 variants before I remembered what the new one was. :roll:

G

If the problem is fixed then how come I got this today?

Posted: Fri May 14, 2004 11:40 am
by MutoidMan
From forums@cdrlabs.com
Sent Friday, May 14, 2004 8:19 am
To forums@cdrlabs.com
Cc
Bcc
Subject Heh... this forum have a loooot of bugs!!

The following is an email sent to you by an administrator of "CDRLabs.com". If this message is spam, contains abusive or other comments you find offensive please contact the webmaster of the board at the following address:

forums@cdrlabs.com

Include this full email (particularly the headers).

Message sent to you follows:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dear users!! Do u want to use board which dont give u ur privacy....?

Admins!!! Contact with me if u realy want to setup ur security!!!!



K0r0l (visit http://www.acolytez.com - for details)

Posted: Fri May 14, 2004 11:48 am
by Ian
One of the Admins forgot to change their password since the last attack by this idiot. We apologize for these annoying emails.

Posted: Fri May 14, 2004 8:36 pm
by SkaarjMaster
Yep, he's at it again.......I got two of them. :o

Posted: Sat May 15, 2004 12:59 am
by pranav81
Strange. I didn't receive any mail after the first one.



::Pranav::