Script kiddies

__________________

atleast u do backups, if u didnt we may of had to start again

__________________

And that would be bad, horribly bad.

__________________

Allow me to clarify a few things...

We have located the criminals. An external organization is currently doing the favor of investigating the crime.

The attack was much bigger than it seems, maybe because of how quickly I managed to get the site back up (and since it occured during night/early dawn hours in the United States, where most of the traffic is from).

This was actually the first real hacking of our site. All the other times were DDoS attacks, but we have purchased DDoS protection for our server since then, so that shouldn't be that much of a problem anymore.

The attack affected the MySQL databases of the site, which basically is the core of all the information stored on the server. All threads, posts, members, news, and basically everything rely off of the interaction with the MySQL database in order to function and store information.

The hacker added an additional approx. 1,000 random values to each table in the database, in between other values, all over; a total mess. The only reason why the site is up and running at the moment is due to the fact that we also pay for hourly full site backups which go into a storage vault in our datacenter, as well as a backup dedicated server which contains an exact replica of all of the information on the site.

All these security measures have been added and payed for because, quite frankly, I'm tired of having to see a large, strong community going down, from past experience.

The method by which the hacker attacked was not a 'script kiddy', as it's called, form of attack, based on the logs, and most probably has some sort of financial backing, as most commonly attacks of this scale aren't done just because of hate.

The group of IPs we located which were inappropiately accessing the site's MySQL database without authorization were located in New York City, New York. They were neither firewalled, nor proxied, which leads me to believe that it was done through a public computer (be it a library, Internet hotspot, university, etc). The external organization that we are currently in contact with will track down and physically walk into the place where the hacking was done, and will deal with whatever evidence they find.

I would like to give a big thanks to ThePlanet for initiating such an in-depth investigation, and urging authorities to take action.

The site is currently patched of the MySQL flaw. The site could have been fixed even without the backups, but would have taken approximately 50 man hours.

__________________

Maybe it was another pspsite...I always am subspicious tht other psp sites try to
make psp3d look bad, but im probally wrong. Although tht guy 'Richard Bru' he
was suposidly sent by pspupdates to give us a bad reputation.
Lets go no further but I just had to say it.

Just a couple of people that have nothing better to do than mess with psp sites. lol. I can't see any reason why someone would want to hack us. It's a total waste in my opinion, not that the site isn't good. Just that they wont be achieving anything by doing it.

Well adding a few thousand random values to a Mysql table isnt something most people can easily pull off....Especialy in a short amount of time. Im not sure either if the downtime on StarEdit.net was from the same attack or not but they were at the same time.

__________________

Well, shouldn't this be closed now, it has all been said etc...?

__________________

Discracefull. Admin, well done on such a well managed and controlled reaction.

You made the right choice in contacting external authorities, and I'm sure the culprit(s) will be caught, as if this was done in a public place, the School/Library it was initiated on should have logs of Who was on the Computers, and When.

I'm Glad you are doing your best to protect this site. I'd be lost without it, and i'm sure many others will agree. Contrary to what "Hydra" said, i think that it couldn't be another PSP site, as PSP3D has no real enemies, so that is unlikely.

Well done, Admin, keep PSP3D's fire burning!

__________________