Popular Post David Posted August 25, 2016 Popular Post Share Posted August 25, 2016 We've been working hard the past week to bring the site back, everything seems to be in order now so here it is. If you missed the email/facebook/tweet/reddit/word of mouth for whatever reason you should know our database was compromised. You should reset your password here and elsewhere if it's the same. GinCat, B4rtlbi3, Noodle and 9 others 12 Link to comment Share on other sites More sharing options...
Dai-San Posted August 25, 2016 Share Posted August 25, 2016 Great to see you back, always hard work after this kinda thing. Repositories aren't working though, just a heads up. Link to comment Share on other sites More sharing options...
Guest Posted August 25, 2016 Share Posted August 25, 2016 It's good to have the forums back up. Link to comment Share on other sites More sharing options...
B4rtlbi3 Posted August 25, 2016 Share Posted August 25, 2016 God bless you guys! Any Idea why this happened? Link to comment Share on other sites More sharing options...
Amentes Posted August 25, 2016 Share Posted August 25, 2016 Respect for all of the fellas who have been working hard to save the situation. Colsta and Josh 2 Link to comment Share on other sites More sharing options...
fir_nev Posted August 25, 2016 Share Posted August 25, 2016 @PiranhA talked to me about some actions to be taken. Hope we can squeeze 'em dry!!! Test.. Test.. Hello... Issit me you're looking for? Link to comment Share on other sites More sharing options...
Steevo Posted August 26, 2016 Share Posted August 26, 2016 Great too see everything is back up and working, thanks for the hard work! Link to comment Share on other sites More sharing options...
Quality Crafted Posted August 26, 2016 Share Posted August 26, 2016 Awesome! Great to hear that everything is back online and thank you ^^. Just to add something I found: adding images is broken I was trying to get a profile picture Link to comment Share on other sites More sharing options...
Minipily Posted August 26, 2016 Share Posted August 26, 2016 Aaaaand im in hospital and shit. Must be my withdrawal from Ahoy, I shall sue. Kirk76 and Noodle 2 Link to comment Share on other sites More sharing options...
TheScar Posted August 26, 2016 Share Posted August 26, 2016 good to see the page back up - really appreciate the work After all this is the only forum i post in ... "officially" You rock! but nxt time ... Link to comment Share on other sites More sharing options...
Chuck Posted August 26, 2016 Share Posted August 26, 2016 God bless you guys! Any Idea why this happened? Unfortunately someone hacked into our database and stole some user information. The reason it has been down for so long is, Muckduck has been busy closing all the security flaws so this hopefully doesn't happen again. Sent from my hamster that lives in my motherboard box B4rtlbi3 1 Link to comment Share on other sites More sharing options...
Yarys Posted August 26, 2016 Share Posted August 26, 2016 good job ! well done ! Nyos 1 Link to comment Share on other sites More sharing options...
Nyos Posted August 26, 2016 Share Posted August 26, 2016 Thanks guy for all your hard work getting the site back and functioning. Link to comment Share on other sites More sharing options...
Max Posted August 26, 2016 Share Posted August 26, 2016 for the love of god tell me you don't store user info in plaintext Link to comment Share on other sites More sharing options...
Auntystatic Posted August 27, 2016 Share Posted August 27, 2016 The user info on forums is all encrypted, but that is not to say that it can not eventually be broken, that's why its best to ask for a password reset when you next login, like everyone else here thanks for the hard work guys. Link to comment Share on other sites More sharing options...
Grezvany13 Posted August 27, 2016 Share Posted August 27, 2016 Question: Is it possible to get a more detailed statement about what happened? What happened? Exploit in software (and could it be prevented by an official update) Hack into the server (and could it be prevented by server admin / hosting company) Abuse of admin account (and was the admin called "admin" with password "admin") Could it have been prevented? By the team who maintains the website (update, server config, admin credentials) Or was it a day-one attack without any known fixes What is done to fix it? What is done to prevent it in the future? What will be done in the future to prevent it from happening again? Who was/were responsible? At AW side (simply "we as AW" is an acceptable answer) the thrid party who "got in" (if known) These are some questions which I always answer in case something happened, even without asking, so I'm surprised that we don't have these yet. I'm aware that not all questions can be answered directly, a a bit more information than "shit happened but we're back" is too little. Background: I've been working in web development for over 10 years now, and unfortunatally had issues like this as well. And I've learned that the most important thing is to stay transparent to clients/users/etc. and take your losses, even when it's not visible to them (which in this case did happen). B4rtlbi3, Josh and Jason. 3 Link to comment Share on other sites More sharing options...
zissou Posted August 27, 2016 Share Posted August 27, 2016 Obviously the details of the hack will not be made public so we are unable to answer detailed questions. But I will attempt to answer things more generally. Could it have been prevented? Not at the time, and not reasonably by the admin team. What is done to fix it? The vulnerability exploited has been closed. What is being done to prevent it happening again? What will be done in the future to prevent it from happening again? Everything possible, remember it was staff as much as members who were the victims and it's in our best interest that this doesn't happen again so rest assured that we are doing everything we can to avoid a repeat. That's about as much info as we're comfortable releasing at the moment. While I know this answer is far from complete you will understand our reluctance to divulge too much and again remember this was a hack that affected us all. We hope you understand and thank you for your patience during this trying time. Auntystatic 1 Link to comment Share on other sites More sharing options...
Auntystatic Posted August 27, 2016 Share Posted August 27, 2016 I've just tried to look at the homepage to check the game trackers and the url sent me straight to the forums http://www.ahoyworld.net/ Home page is back, but it is going to the https:// version which does not have the game trackers on it. Link to comment Share on other sites More sharing options...
Max Posted August 27, 2016 Share Posted August 27, 2016 On 8/26/2016 at 6:18 PM, Chuck Norris said: stole some user information. 4 hours ago, zissou said: - do you know exactly what they stole, or just that they definitely took some data? 4 hours ago, Auntystatic said: I've just tried to look at the homepage to check the game trackers and the url sent me straight to the forums http://www.ahoyworld.net/ Home page is back, but it is going to the https:// version which does not have the game trackers on it. This would be due to recent browser's security settings requiring that all content on a page sent via https is also sent via https, and the trackers are either not available via https or they're not linked to https in the page edit: I think. i am by no means an expert. edit 2: http://i.imgur.com/DuO2VH6.jpg Link to comment Share on other sites More sharing options...
Munic Posted August 28, 2016 Share Posted August 28, 2016 Yeah, at Last ,at Last?? Good Job. Can anyone Tell me why i so not See my Member Tag on the ahoyworld Server anymore? But on ohterServers i do. Link to comment Share on other sites More sharing options...
Jason. Posted August 28, 2016 Share Posted August 28, 2016 @Munic It was explained here: https://forums.ahoyworld.net/topic/3737-new-squadxml-server/ Quote The squad XML is currently down for maintenance, we were simply transferring the tags onto a new server which has unfortunately caused intermittent problems. We are currently working on it and hope to have it solved very soon, I will announce once its up and running fully. FYI it has nothing to do with recent events. - Mark T Link to comment Share on other sites More sharing options...
Munic Posted August 28, 2016 Share Posted August 28, 2016 Thanks Link to comment Share on other sites More sharing options...
DakimDragco Posted September 5, 2016 Share Posted September 5, 2016 Good that the site is back, did change my Pass just incase again. Been out of the game for a while but its still good to know this place is up again after the hack. Link to comment Share on other sites More sharing options...
Jagermeister Posted September 6, 2016 Share Posted September 6, 2016 It's amazing to see the forums back, thanks to everyone who helped and took their spare time to fix this issue.. I hope nothing bad happens again. Respect! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now