Articles
Xoops.org hacked, again!
In yet another attack, which again seems to have originated from a disgruntled webmaster from an ex official support website in Brazil, Xoops.org has again being hacked and is now offline. The official support site status was stripped from him after he continued with inappropriate postings in the Xoops.org forums and comments sections, despite being given many warnings and more than ample chance to correct his behaviour.
This is now the third attack on Xoops internet based resources in as many months, and the main suspect of all attacks appears to be the same. I hope the Xoops.org staff is able to use the following information showing the sequence of events that I and others observed along with their webserver log files in order to look at what legal avenues are available. Xoops has been a strong and active community for a long time, and to attack the community in such a way for the sake of some personal grudge is way beyond acceptable. I hope the perpetrator is prosecuted to the full extent of the law.
1) Between 11am local time (GMT +10) Xoops.org was unavailable for around several minutes with an error message saying that it was unable to connect to the database. I did not take close attention to the time, as I had no idea what was about to happen in the following hours.
2) Approximately 1:30PM local time (GMT +10) Xoops homepage title changed to read, "when you look long into the abyss, the abyss looks long into you". There seemed to have been a veiled threat related to this in the forums earlier.
3) Approximately 1:30PM local time (GMT +10) forums posts from years ago being marked as current.
4) Approximately 1:30PM local time (GMT +10) all user PM's and notification settings deleted.
5) Approximately 1:30PM local time (GMT +10) people trying to send PM's got replies sent from their own accounts with the message;
"*Are you seeing what I'm seeing?*yes, I can see... dead people.
6) Approximately 1:30PM local time (GMT +10) all images used for rank and avatars were deleted.
7) Approximately 1:30PM local time (GMT +10) user ID 1 (webmaster account) was replaced with that of the account of Mikhail Miguel from Brazil who runs the site that was formerly an official Xoops support site.
- Add new comment
- 1573 reads
Comments
Re: Xoops.org hacked, again!
Hi there.
Current message at Xoops.org:
Is this a real site closed message, is there a problem with the xoops code and is xoopscube.org a site associated with xoops.org?
Cheers for any info.
Dave
PS: I also saw the db error with the xoops pages last night as I was trying to find examples of template hacking so that I could follow your great google adsense guide and get those ads in all the right places.
Re: Xoops.org hacked, again!
Thanks for the heads up. It looks like they are getting bolder and attacked the site again. Here's the text showing up at the site now:
I sincerely hope that some legal action is taken. This is beyond stupid.
Re: Xoops.org hacked, again!
Hey, first time here...nice looking site. It's a shame that this had to happen to xoops.org and I hope the developers get everything back on track soon...for the sake of many.
Please keep us posted. Thanks.
Re: Xoops.org hacked, again!
We're doing our very best, of course, to restore the website to its former glory (for what that is worth ;-)). The site was attacked by Mikhail Miguel (he left a very clear trail, and are in the process of filing a police report right now). Somehow, he sees it necessary to stop XOOPS.org and promote XOOPSCube. Onokazu of XOOPScube does not condone these actions, of course. It reflects badly on XOOPScube too...
As soon as we find out how he gained access, and if it is XOOPS or not, we'll reopen the site, and if necessary, release a patch for the system, making it more secure.
Herko
Re: Xoops.org hacked, again!
That's really sad. I hope the developers will not take much time to rebuild it again as they did last time.
By the way, how runs XoopsCube.org ??? i never heard of that one.
I guess the new Xoops.org is coming with 2.2.2 version. That means we will be seeing new improved community.
Hay guys, Cheer up. Coz everything that happens, happens for a reason.
My good wishes for the community.
Fastian
Re: Xoops.org hacked, again!
Herko,
Let me know If I can help in anyway.
don (el paso) :-x
Re: Xoops.org hacked, again!
meantime, i use google site: xoops.org search and then using the cached pages to get some bits of information that i need from xoops.org
good luck theme, you'll always have our support ( i only just donated )
also IT-HQ guys, excelent job with your site, love it!
Tommyz
Re: Xoops.org hacked, again!
Herko,
Please let me know if I can help in any way.
Kind regards,
Highlander
Re: Xoops.org hacked, again!
Good of IT-HQ to document this attack. I read the statement at Xoops.org but was curious to find out more, and now I have. Sounds like he made a real mess of it.
I guess the outcome will be further enhancements to the Xoops code which is great for all of us so like the previous poster says, all things happen for a reason. Although that's not much cop for the Xoops team working on fixing the problem I know!
Thanks to all at Xoops for working hard on rectifying it so we get our community back online.
I am however also curious about Xoopscube.org. The site is still under construction. What's the deal there? What's it all about?
Ted
Re: Xoops.org hacked, again!
Guys, I think it is important that we don't panic about this . This was not a casual by chance attack, this was a very targeted and calculated attack that had a lot of effort put into it. There is No system in the world that is totally secure, especially when those with the motivation and knowledge put there time and effort into it. Mikhail Miguel has had a very large chip on his shoulder towards the Xoops community (and Herko in particular) since he had his official support status stripped from him. The main Xoops.org site is up and going agin now, so I suggest everyone have a look at this article by Herko for an explaination of what has happened.