Hacked by tiger-m@tE WTF?

berglsmerg · Sep 25, 2011

Anyone else have this problem when tyring to access the site through the front page ? I had to get in via my browser history and then click the forum catagories back to here. I couldn't even get to the correct site forum to post this. Is my computer diseased ? :cry: Smilies work, I can see a response to my second last post and my last post went up ok..... anyone help pleeeeeeease !!!!!!! I feels like the earth has stopped turning. :bounce3:

Quick google search reaveals that this dizick stain is quite the annoying little shyte, cant be much of a hacker if an e-******* like me can still cruise the forum and post. Fuggen wankah.......

schwim · Sep 25, 2011

Calm yourself, my good man. As often happens, one of the thousands of script kiddies found a vulnerability at the server level and replaced all the index.php files. I wasn't able to fix it as I was hanging out with pine trees and clay until about an hour ago.

Rest assured that it's got nothing to do with your computer. You are safe to continue browsing

Sorry it took so long to restore.

thanks,
json

bushmechanic · Sep 25, 2011

http://thehackernews.com/2011/09/inmoti ... ty-fm.html

Davo · Sep 25, 2011

berglsmerg said:
Anyone else have this problem when tyring to access the site through the front page ?

Yeah, seemed to happen around 8:00pm last night and came back up around 8:00am this morn.

berglsmerg said:
I feels like the earth has stopped turning. :bounce3:

Yes too long an outage, was starting to think will it ever come back on line. :tear:
I think we might have to cancel Json's corporate UHE parking space out front of the UHE building for a month or two.
I doubt he will get employee of the month this month

berglsmerg said:
Fuggen wankah.......

:iagree: Would even go as far as to call tigermate an :ahole:

schwim said:
I wasn't able to fix it as I was hanging out with pine trees and clay until about an hour ago.

"clay" You're not buying a Gas Gas are you and turning UHE into UGGE?

uke2:

schwim · Sep 25, 2011

bushmechanic said:
http://thehackernews.com/2011/09/inmotion-hosting-server-and-trinity-fm.html

Mad props to the guy. I also envy the amount of spare time he has. My mom won't let me live in her basement anymore

Davo said:
Yes too long an outage, was starting to think will it ever come back on line. :tear:
I think we might have to cancel Json's corporate UHE parking space out front of the UHE building for a month or two.
I doubt he will get employee of the month this month

Damnit, not again

Davo said:
You're not buying a Gas Gas are you and turning UHE into UGGE? uke2:

No, I was hoping Pat over at KTMTalk would absorb the site so you guys could have a few more forum categories to play with. I feel like I'm cheating you all. How many of us have found ourselves wishing there were a "37-39 YO Left-Handed Males with a Question Concerning the 11th Spoke of the Rear Wheel Counting From the Valve Clockwise Whilst Facing True North" category?

I know I do.

adam_h · Sep 25, 2011

yea i crapped myself thinking my pc was hacked

sixfiddy · Sep 26, 2011

I know that MonkeyGarage.com.au the Z50 and Dax forum has been down for weeks. :angry: :cuss:
Dont know if its related or will ever come back online. :cry:
So much information is lost when things like this happen. Info in so many threads and PM's and such may never be replaced.
Dont know what you got till it's gone!

berglsmerg · Sep 26, 2011

thanks json, I was about to take the computer out the back and blast on it with the trusty ol 450/400 Nitro express. Your sweat is worth bottling.

The_Force · Sep 26, 2011

Acording to a IT news site i found, what this mofo did is not considerd hacking.
He just was able to mess with the DNS registry of the site not the site it self.

Regards

schwim · Sep 26, 2011

Unfortunately, your sources are incorrect. Our buddy replaced every index.php file found on every server under inmotion's control. Husaberg.org alone uses 11 index files. If you look at the wiki, you'll see that the corrupt index still exists there. I'm waiting for the 22gb backup to uncompress so I can get the correct files to repair the remaining portions of the site. I was able to fix the gallery and front page more quickly only because I had local copies available.

RZmike95 · Sep 26, 2011

Thanks for fixing this Json. I can't imagine the satisfaction he must have gotten from inconveniencing dozens of people he doesn't know from reading about motorcycles he can't even pronounce. His mother must be so proud!

The_Force · Sep 26, 2011

schwim said:
Unfortunately, your sources are incorrect. Our buddy replaced every index.php file found on every server under inmotion's control. Husaberg.org alone uses 11 index files. If you look at the wiki, you'll see that the corrupt index still exists there. I'm waiting for the 22gb backup to uncompress so I can get the correct files to repair the remaining portions of the site. I was able to fix the gallery and front page more quickly only because I had local copies available.

ok sorry my bad

Smorgasbord · Sep 26, 2011

And the joker managed to plant virus in the computer each time the site was opened with firefox. I did not try all browsers. Have fun scanning your disks.

schwim · Sep 26, 2011

Smorgasbord said:
And the joker managed to plant virus in the computer each time the site was opened with firefox. I did not try all browsers. Have fun scanning your disks.

There's no need to freak anyone out with incorrect information. I've got the source code of all the hijacked pages and it called 7 images, no executable files and two locally accessed javascripts, both used for a browser hijack attempt, one to move the browser frame around the desktop and one to try to remove the URL bar. Although a browser hijack can trigger a/v software, its by no means a virus and can do no harm to your computer.

I've got the source if anyone would like to see it. Don't waste your time doing any extra scans.

Thanks,
Json

cypher · Sep 26, 2011

i use firefox and tried to access the site several times whilst it was under alien control.

gotta agree with schwim, no indication of any infection or anything untoward occuring to my computers.

adam_h · Sep 26, 2011

i also use firefox and no probs found so as said dont worry.

Smorgasbord · Sep 27, 2011

schwim said:
There's no need to freak anyone out...

That was not my intention. It was only an observation. I too totally agree with schwim, it was nothing really, only av software that was overly cautious. It did not like the javascript download agent activity at the time and identified it as "virus" and two other objects as "unknown virus".
The inconsistency was amusing, no two times with firefox gave the same result, I only tried three times, it was not any more amusing than that. I would have remained quiet had I known there was a risk that anyone would freak out.
No worries people.

Search

Search

Hacked by tiger-m@tE WTF?

berglsmerg

schwim

bushmechanic

Davo

schwim

adam_h

sixfiddy

berglsmerg

The_Force

schwim

RZmike95

The_Force

Smorgasbord

schwim

cypher

adam_h

Smorgasbord

Similar threads

Register CTA

Recent Discussions

Recent Discussions