Jump to content

Potential Database Breach

Dark0ne

By Dark0ne
in Site Updates

 Share

Recommended Posts

  • Replies 365
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Damuel Newbie

Damuel

Posted
Posted
In response to post #31558720. #31559325, #31573900, #31574430, #31575890, #31575970, #31579990, #31580480, #31581870, #31584585 are all replies on the same post.


  Reveal hidden contents


As you shouldn't have. This is entirely unsurprising coming from this site.
Link to comment
Share on other sites
N3X15 Rookie

N3X15

Posted
Posted (edited)

I'm not going to change my password here because both a lack of a secure connection, and because the breach is still not patched.

 

However, I will be auditing my passwords and changing passwords on /other/ sites that match this one.

 

Thank you for letting us know about this.

Edited by N3X15
Link to comment
Share on other sites
Xetaxheb Apprentice

Xetaxheb

Posted
Posted

Increasing your password length does loads more for security than adding special characters does.

 

A standard lowercase alphabet password with 12 characters is about 3000 times the number of potential combinations that 9 characters with lowercase alphabet and 6 special character options is.

 

(adding 3 characters to the length instead of adding 6 possibilities to the characters to remember.)

Link to comment
Share on other sites
RealmEleven Enthusiast

RealmEleven

Posted
Posted

"That email" was meaningless and indicates nothing - particularly deferring to "trusted sources". People generally deploy appeal to authority arguments like those unspecified "trusted sources" when they're engaged in fraud or unwittingly propagating somebody-else's fraud. About the only exception I've encountered is when people idolize and try to emulate high status individuals who engage in dishonest behaviour (e.g. politicians, religious leaders, etc) and so blindly copy their style of argument without realizing how damning it is when heard by folks in the know about such things. Either way, that email's not worth considering simply for the lack of actionable facts. Dare I suggest the source-header might be far more informative than the body text. And If I were to guess ... I think the email a form of misdirection - I mean, you can see it's not pointing you to the facts you need in order to prevent a criminal act and if the email's author is in possession of any of those facts, that'd be aiding and abetting would it not?

 

Getting back to what the email isn't helping with, with respect to paragraph 5 of the OP, I don't agree that it's damning. It seems that your server logs confirm the account activity...? In absence of anything contradictory about the IP addresses connected with the activity, I think it will more than likely indicate a new bug going around and the users in question might want to pull their hard disks and have them scanned by a something up to date that is run from a nice fresh clean operating system which isn't used to do anything other than download AV updates and scan the hard disks removed from other systems. But I guess that's their call.

 

To the question of your server integrity, I downloaded a bunch of stuff yesterday and the day before and... well, if there's something lurking on your server, where's my copy of sound.dll? More to the point, if your server's been hacked, why distribute sound.dll with three mods that don't need sound (i.e. where the file really stands out like a house cat in an aquarium) instead of some of the many mods where the presence of a sound library might make sense (e.g. True Storms)? And why not hit Nexus Mod Manager? That has to have the largest audience. Anyways, dead system scan coming up while I have breakfast so if I find anything interesting I'll let you know.

 

For now, I think that a number of user accounts may have been compromised by malware probably originating with other sites and operating from the user systems in question. But I still think it's worth looking into how much control you really have over advertising content injected into your site by third party advertising channels.

 

Also, one really important detail concerning other people finding out about compromised accounts before you do; this will tend to happen anyway, but I think it may occur more often if you don't have a clear channel of communication (e.g. a site contact) accessible to people who cannot log in. If someone can't log in, can they lodge a support ticket? You still need to run email verification against password resets and the like, but if users who've lost access can't contact you, they will voice the issue elsewhere.

Link to comment
Share on other sites
BillooFR Rookie

BillooFR

Posted
Posted (edited)
In response to post #31589970.


  Reveal hidden contents


They have scanned all the files so I assume you should be safe :) I double checked the download i made, including one of the incriminated file and didn't find anything bad with both AV i'm using on PC and laptop. Edited by BillooFR
Link to comment
Share on other sites
Nekoyoubi Rookie

Nekoyoubi

Posted
Posted
In response to post #31558720. #31559325, #31573900, #31574430, #31575890, #31575970, #31579990, #31580480, #31581870, #31584585, #31589515 are all replies on the same post.


  Reveal hidden contents


Meh. Haters gonna' hate. Nexus never did me wrong. f*#@ your "all positive"-esque commentary too. So he's allowed to have a negative opinion, but the rest of us are mocked for a positive one. Sounds like trolls feeding trolls to me.
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...