WebHostingTalk is hacked

Artashes

Administrator
Staff member
Something I thought would have never happened to our gigantor friend, but WebHostingTalk.com went down yesterday with what seemed to be the usual downtime.

It turned out to be a nightmare:

This very deliberate, sophisticated and calculated hack against Web Hosting Talk was carried out by gaining access to our offsite backup servers. From our backup servers, the hacker gained access to the WHT db server. The malicious attacker deleted all backups from the backup servers within the infrastructure before deleting tables from our db server. We were alerted of the db exploitation and quickly shut down the site to prevent further damage.

This individual is still in possession of our user table that includes all user names, email addresses and hashed passwords.

The explanation was given here:
http://www.webhostingtalk.com/showthread.php?t=729362


This makes me wonder what type of setup one should have to prevent something like this from taking place. And is it reasonable to expect hack-proof security for a regular website? Most importantly, how can we apply secure steps to HostingDiscussion as well?
 
I think the overall lesson learned was to have more than 1 backup server. I wasn't bothered about losing 100+ posts, or that I had to change my password & update my account, but apparently there are some members that are very upset..

Stuff happens. I'd just say that this is a good wakeup call for many large forums, including HD.
 
Only thing that bothers me is that my email address & username are now floating around in some big database available for spammers to download.

Crashes happen - that's what backups are for. To have a single backup source seems a little weak. How they were able to hack the main site and then ALSO the backup server - that's a big concern.

More spam to my mail box probably - but that's why we all change our passwords every 90 days right? :)
 
From my understanding the "hacker" first deleted their backups, then took the main site. Everyone has their opinions about hackers. First off, I don't blame the hacker, it's WHT and Rackspace's fault they didn't better secure things. But even if someone leaves themselves open to compromise, it doesn't mean they deserve it.
 
From my understanding the "hacker" first deleted their backups, then took the main site. Everyone has their opinions about hackers. First off, I don't blame the hacker, it's WHT and Rackspace's fault they didn't better secure things. But even if someone leaves themselves open to compromise, it doesn't mean they deserve it.

You don't blame the hacker? Are you joking here?

Here is my opinion of hackers. They are a bunch of losers with no life. They are scum of the earth and care nothing about anyone but themselves. They belong in prison cells where hopefully they will be abused in the worst way.

Blaming the victim is absurd.
 
You don't blame the hacker? Are you joking here?

Here is my opinion of hackers. They are a bunch of losers with no life. They are scum of the earth and care nothing about anyone but themselves. They belong in prison cells where hopefully they will be abused in the worst way.

Blaming the victim is absurd.

Of course you blame the hacker, but let's put it this way..
If I go park my BMW in a bad neighborhood, leave it unlocked, with the keys in the ignition, and it gets stolen.. Who's at fault?

Now I know that's a drastic example, but I blame both WHT and the hacker. As far as your opinions about hackers I'll agree with you to some extent, but let's specify "black hats", because although they may not have lives, and might even be "losers" by some standards, the white hats are securing our world between WOW, Star Trek conventions, and their girlfriend (you don't know her :disagree:).
 
For the first time in a long....no...ever....I will have to disagree with Blue on this one.

I think there is a difference between a hacker and a script kiddie/defacer.

I was a "hacker" in the Army. It was a necessary task/skill within my job description.

The reality is a "hacker" in the true sense of the word is not a loser in any way. In fact, (not trying to toot my own horn), but they're very intelligent. It takes a lot of skill and intelligence to do what a hacker does.

Script kiddies on the other hand don't need a lot of knowledge of the way systems work. They do what they do out of pure amusement, and typically are blocked by little more than a period or symbol in your password.

I personally think what has happened is wrong, and WHT has my sympathy and the hacker now has users info (including mine).

What I doubt however is the statement:
"This very deliberate, sophisticated and calculated hack..."

Ok, it's obviously deliberate, and calculated, but I believe the word "sophisticated" was used to make everyone feel that their data would have otherwise been safe. I don't mean to say that they shouldn't make their users feel comfortable, but I have doubts that this was very sophisticated. The process would be as simple as hacking any other site.

Now I absolutely 100% agree that the hacker is to blame, but the truth is, when it comes to something like this, the victim is just as much to blame.

A good analogy, at least in my opinion, would be a sign posted outside of Central Park stating "Females walking in the dark, alone, through Central Park at night, are likely to be victimized." and women reading and ignoring the sign, and then falling victim to a crime in Central Park at night. You feel bad for her, and yes the attacker is to blame, but she knew the consequences of not taking the sign into consideration.

The same goes online. We're in an industry in which hacks are not just normal, but are expected. Having a better handle on prevention, and security auditing rather than coasting by feeling comfortable with what is already in place, is a good place to start, and any serious business model or community online with as many users as WHT has, should be considering this constantly. In fact iNet should have security professionals on staff, who are paid to audit the server/site for security holes constantly.

The fact remains if this was Hotmail, Gmail, or MS Passports, everyone would be blaming those companies for lack of security, and I strongly feel that WHT should be no different.

Do I feel for WHT in this situation....absolutely, but let's be fair in passing responsibility around.
 
"This very deliberate, sophisticated and calculated hack..." I believed it to be 100% true, and it would have been had proper security been in place. So I was very surprised to discover what had actually transpired.

I feel for WHT. I can only imagine the stress involved in this.
 
I am one of the WHT users who is very upset, and would love to have ten minutes alone with the hacker. I don't hide my contempt for hackers, whatever their skill level.
 
Websites like WHT who are very well known should have more security for their servers. I hope that WHT and other popular websites learn a lesson from this.
 
Well skill level and actions are two different things as well. The knowledge to hack, and the way you choose to use it are of course very different.

There are very good uses for a hacker, but this isn't one of them.

Your contempt for hackers is understandable, but logically you can't really lump them into one category.
 
Well skill level and actions are two different things as well. The knowledge to hack, and the way you choose to use it are of course very different.

There are very good uses for a hacker, but this isn't one of them.

Your contempt for hackers is understandable, but logically you can't really lump them into one category.

Yeah, I understand your point. I'm just incredibly upset. I was in communications intelligence in the Marine Corps, reporting directly to the National Security Agency (NSA). I understand the importance of 'good' hacking skills. This attack on WHT is deplorable though.
 
At this stage I am wondering whether Private Messages were compromised... if they were then it's a whole new ballgame. I will have to contact a number of people... :(
 
At this stage I am wondering whether Private Messages were compromised... if they were then it's a whole new ballgame. I will have to contact a number of people... :(

Not sure if they got the entire DB..
I had to log in using my password from months ago, lost 100+ posts, but my signature I updated last week was still there :uhh:
 
Not sure if they got the entire DB..
I had to log in using my password from months ago, lost 100+ posts, but my signature I updated last week was still there :uhh:

Unfortunately, I didn't sign on there until Dec 2008, so WHT doesn't recognize me now. I lost over 1000 posts, but the breadth and depth of knowledge base lost is what really upsets me.
 
For the first time in a long....no...ever....I will have to disagree with Blue on this one.

I think there is a difference between a hacker and a script kiddie/defacer.

We don't disagree on this. I was using the term hacker in the context of what happened at WHT. I could have been more specific.
 
I do know they were asking their members who joined after Oct 2008 to rejoin with the same username, so if or when they were to recover their data, they could merge the two versions.
 