Alert: Dark.net bot strikes CoD community
Sparks, from the Rise of the Resistance website posted this unhappy news on their forums last night:
Forum/Site BreachTally's other site [Tallys-World] as well as this one [Rise of the Resistance] got hacked/breached.{EDIT}Forum will be restored sometime Wednesday/Thursday when Tally returns from his trip to Infinity Ward.
Any questions, concerns, or comments... drop me a private message.
Sorry for the inconvenience and we hope to have the forum up and running again shortly.
Production has not ceased or slowed down.
- Alex "Sparks"
What we do know
BASH has learned other sites have also been affected aside from Tally's and RoTR's. Apparently, there is some indication that this is a world-wide problem affecting PHP Nuke sites. Hackers may have detected some vulnerability in these sites and are attacking them systematically.
Interestingly, the Devil-Dogz site was recently attacked by bots (automated scripts) attempting to write (gibberish) into its forums - at least that was what everyone saw on the surface. Security measures were upgraded and it seems the server survived the attacks (however the software it uses is not PHP Nuke).
If you have noticed such activity on your site, you might want to review your own security procedures (oh...and make backups!!). And make sure you have applied all the patches to your systems - not just OS patches, but 3rd party software as well!
There is current suspicion within the CoD community that the bot doing the damage is called:
"Dark.net"
The attacks have been going on for some weeks now. Apparently, 25 June 2007 was a "trigger" date for the bot activation.
According to those in the know, in order for the dark.net bot to work it "would have had to compromise your site and attach itself to it as a user". The lethality of the bot is clearly high and fortunately the American federal government is now involved.
BASHIE award winning RoTRBASH has learned other sites have also been affected aside from Tally's and RoTR's. Apparently, there is some indication that this is a world-wide problem affecting PHP Nuke sites. Hackers may have detected some vulnerability in these sites and are attacking them systematically.
Interestingly, the Devil-Dogz site was recently attacked by bots (automated scripts) attempting to write (gibberish) into its forums - at least that was what everyone saw on the surface. Security measures were upgraded and it seems the server survived the attacks (however the software it uses is not PHP Nuke).
If you have noticed such activity on your site, you might want to review your own security procedures (oh...and make backups!!). And make sure you have applied all the patches to your systems - not just OS patches, but 3rd party software as well!
There is current suspicion within the CoD community that the bot doing the damage is called:
"Dark.net"
The attacks have been going on for some weeks now. Apparently, 25 June 2007 was a "trigger" date for the bot activation.
According to those in the know, in order for the dark.net bot to work it "would have had to compromise your site and attach itself to it as a user". The lethality of the bot is clearly high and fortunately the American federal government is now involved.
We are all looking forward to RoTR being restored again to what it was ... a BASHIE award winning website. I hope the culprits are caught and dispensed with.
