Golden Sun Hacking Community
December 12, 2017, 10:36:02 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News:
 
  Home   Forum   DC Wiki Help Search Calendar Downloads Login Register  
Pages: [1]   Go Down
  Print  
Author Topic: Important announcement regarding forum malware attack  (Read 1788 times)
0 Members and 1 Guest are viewing this topic.
Atrius
Programmer Extraordinaire
Web Host

Fear my blades

Veteran Member
*

Coins: 1
Offline Offline

Gender: Male
Emblems: Website Founder
Clan Position: Creation God of Sol
Posts: 1756

« on: March 21, 2017, 12:17:47 AM »

Hey everyone, I've got some bad news and some good news.


The bad news: It's just been discovered that goldensunhacking.net was infected with malware around the end of February in 2016.

The good news: There is no indication so far that the attacker was trying to target user data, or impact normal site visitors in any way.



I'm still sifting through everything to determine the damage, but fortunately what I've analyzed so far indicates that the attacker was just using our server as a proxy.  What that means is that they were masking their IP address as our server's to access other sites.  I haven't found anything yet that would indicate regular users of the site would have been impacted by the malware, but I will keep you updated if I discover anything that indicates otherwise.



21 Mar Update

I've found code that could have been used to redirect traffic coming in specifically from the search providers Google, Yahoo, MSN, AOL, and Bing, or replace all of the links on the site with different links for traffic coming from those same search providers.  It appears to have never been configured properly though, and would not have been functioning.  So far this is the only code I've found that could have impacted normal users, but again it would have required additional set up that was not performed, and would not have been functioning.

Although there are still no indications that user data was targeted, I'm continuing my analysis of all of the site's files to make sure, and will keep you informed.  I have no estimate for when I'll get the site up and running again, making sure everything is clean is my main priority right now.
« Last Edit: April 02, 2017, 01:59:26 PM by Atrius » Logged

I'm shaking my head in general disapproval of everything
View Profile WWW
Atrius
Programmer Extraordinaire
Web Host

Fear my blades

Veteran Member
*

Coins: 1
Offline Offline

Gender: Male
Emblems: Website Founder
Clan Position: Creation God of Sol
Posts: 1756

« Reply #1 on: April 02, 2017, 02:20:28 PM »

I've completed my clean up of the Malware, I'm pretty confident that we're clean now, additionally, I've made sure we have the latest security updates installed on the forum.

I'm still not sure how it happened in the first place, it's possible the attack didn't even originate on this site.  One of the dangers of using a shared hosting environment is that things can leak over from other sites on the server.  Regardless, I'm going to be keeping a closer eye on things for a while.
Logged

I'm shaking my head in general disapproval of everything
View Profile WWW
Pages: [1]   Go Up
  Print  
 
Jump to:  

Cbox
December 09, 2017, 04:24:14 AM
Majora: Import old forum posts for reference, perhaps take posts containing important info like documentation away from the old stickied forum post model and make them into their own pages on a site with an in-built search bar. Might help with SEO, too. If nothing else, perhaps whipping them into PDFs and hosting them via Scribd? The possibilities are boundless when it comes to restructuring a site
December 09, 2017, 04:20:02 AM
Majora: Just a nice idea to have even if it doesn't come to fruition. Updating, modernizing, always a good idea. Could probably do something pretty nifty using a good Wordpress theme
December 09, 2017, 04:15:45 AM
Majora: Would be kind of neat to do something like that for GSHC. Could change it up a bit to show all tweets/instagram posts/facebook posts/golden sun subreddit posts all in one sidebar. It would be cool in that it gives the site it's on (and the topic in general) appear more lively and active, which is a plus
December 09, 2017, 04:14:19 AM
Majora: That does sound interesting. One cool thing I've seen some sites use is a sort of unique take on a sidebar option that acts like a social media integration (like, "See GSHC's latest Tweets"). It displays activity from a variety of related sites, such as Reddit, Twitter, Instagram, etc.
December 09, 2017, 12:58:53 AM
Fox: And the way it'd work via code is not that all users would instantly get nicknames the minute you register... but rather, the moment you view a name if it doesn't have a nickname, it gets one. (My Thoughts.)
December 09, 2017, 12:53:55 AM
Fox: (I was thinking that it would be "Name (Nickname)" ... The nickname is what you first known the user as, and you can change that yourself... and the Name is what the user wants to be called... Something like that.
December 09, 2017, 12:47:56 AM
Fox: So like... for starters, one idea I had was to make it so anyone can name anyone... much like how it works on Skype, and you (the namer) would be the only one to see it, and such...
December 09, 2017, 12:45:02 AM
Fox: Would need to be carefully thought out and tested, though.
December 09, 2017, 12:43:02 AM
Fox: I'm thinking I could make it so that name changes can happen whenever... (Without any limit)... Since I believe there's a way to do it with minimum confusion. (I think.) Hmm....
December 09, 2017, 12:31:36 AM
Fox: (I mean an offline version... at least initially.)
December 09, 2017, 12:25:01 AM
Fox: Now that I have thought about it a bit more, would I be right to assume that GSHC would be one of the most interesting websites to administrate, or no? It's sad to see not much going on with it. == I almost want to make a concept website at some point. :D Anyway, how is everyone doing today?
December 06, 2017, 12:12:59 AM
Fox: Like... Start using Github or something... Do like how many of those other projects such as Citra (WIP 3DS Emulator) does. Etc.
December 06, 2017, 12:08:12 AM
Fox: No idea. I just wish OpenGoldenSun would release it as unfinished, but oh well.
December 05, 2017, 06:52:09 AM
MaxiPower: Bummed out that the open golden sun project is dead it seems with no actitivy in close to a year at this point. Is there any hope left in any other projects?
November 27, 2017, 10:25:28 AM
Fox: (When I say research, mainly refering to the data in the game, though checking websites can count to a degree.)
November 27, 2017, 09:52:27 AM
Fox: Maybe. But Dark Dawn is meh, hahah... I still research it, though, because data can be interesting.
November 27, 2017, 05:28:36 AM
Portakin: I'm here! This game is underrated!
November 25, 2017, 08:03:23 PM
Fox: .... and the email listed in that post makes me think we should just make a new rules topic with most of the same information. (So the old ones can be sort o archived.)
November 25, 2017, 07:59:47 PM
Fox: "and in addition to the bot being banned, I will remove the advertisement and lock the thread."  ... From what I've seen in the last couple years, this should be changed to "delete the thread."
November 24, 2017, 03:46:07 AM
Fox: Happy birthday Salanewt (Since it is mentioned in the Upcoming Caledar.) And Thanksgiving to my fellow GSHCers!

Affiliates
Temple of Kraden Golden Sunrise
Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.064 seconds with 21 queries.