07-21-2011 04:16 PM
Well, yes, we got hacked. We have put everything back to normal though. We restored to a day old backup, and upgraded from vBulletin 4.1.3 PL1 to 4.1.4 PL2. We believe we were hacked via an exploit that allows for SQL injection, which is what the patch was for, so that is why we were updated. However, one other possibility was that an admin was keylogged, and although we haven't confirmed this yet, it is advised that if any of you used any tool by Relevent, especially including the SB tool Kit, that you uninstall it and run a full system virus scan immediately. The administrator of another website one way or another used a method to hack us, change our index page, steal all the files off of our server, and steal our database. This is why upon reentry to NGU all users and staff will be required to change their passwords. For security purposes, admins passwords, even those who aren't on, have already been changed. The database was put up for sale and supposedly sold, but again, it is useless due to the fact that all user's passwords will be changed. However, PM's may become vulnerable, for it is recommended that if you sent any vulnerable information via PM or VM, that you change any details that could be at risk.
All secret words and pass phrases will also all be disused from now on. An alternate method of getting your account back will be devised instead.
I sincerely apoligize for this guys, and for the downtime, but we wanted to make sure everything was secure again. And rest assured, those parties responsible for this will pay, and although most of you know the website related to it, I DO NOT under any circumstances go to that website and cause shit. We are gonna deal with this in a professional, mature, and legal manner. The only thing any of you guys could do is stir up more shit.
Also, give a big thanks to magglass1 for being on top of the issue, and to Enzo for helping to sort out some of the issues caused by the upgrade.
Thank You for your time and continuing to be loyal, even through all this. -Carling, Enzo, Magglass, Jim, and all the other staff at NGU.
The Following 166 Users Say Thank You to NP Carling26 For This Useful Post:
Como's Hoe #1,
I Like Turtles,
Man of Steel,
Rip The Jacker,
Joel the Pole,
The Open Minded,
Liked because of your name
Originally Posted by Winning
Cheers for the info bro Glad to see were back online now though
That *** Boxhead... He is a idiot skiddy...
And this is why I don't download anything from NGU. You never know what you'll get with it, you know, from all these uber 1337 haxors that have no lives.
I'm glad I used a completely different password on this site to all the other important things.
The Following 2 Users Say Thank You to xinfectedsoulx For This Useful Post:
from El Paso, Texas (915)
I must have no life then :/
Originally Posted by xinfectedsoulx
This is no offense against you or anyone else (maybe against relevant and that box***)
Originally Posted by Midnight.eGo
I just can't get it how much of these no-lifers are out there. I bet these kids are still living together with their parents. They probabyl spent their whole life trying to hack a site. But seriously, is this really an achievement? Can you say your parents then: Oh mum, I finally got it. I hacked NGU. Well anyway, just my view on that whole shit going on last night.
The Following User Says Thank You to Kells For This Useful Post:
from El Paso, Texas (915)
I was JK, and uhmmm, I imagine them old, fat, no light, pale, ugly, hairy, virgins, and no lifes.
Originally Posted by TwelveOrYounger