Last night a message was posted by hackers to an existing new story on the front page announcing that the site had been hacked and that the databases had been deleted and user information copied. There was some additional damage to the forum database. The issues have now been fixed, but almost all forum posts (including news comments) from yesterday (July 14th) have been lost. I would like to apologise for the data loss and any inconvenience caused. More information will be added to this thread.
Read on in the full article.
That explains why I could not find the posting about V11 on Voda for the N97.
What was te admin password? 'symbianrulez'? Mwuhahaha
Heh. Give us some credit 😊 It was weareunbiased 😉
If you see any issues please let me know. Still feel fairly stupid, but I guess these things do happen.
Can I recommend (more) frequent transaction log backups?
Gits! Well done guys, for getting back up and running so quickly.
It's a sad world we live in when some sad act decides to hack useful and informative websites just to get hold of a few email addresses.
Indeed. I'm sorry to see you guys got hacked. There's some really sad people out there. Damn script-kiddie scumbags.
Anyway, looks like you're back up and running. Well done! 😊
for christs sake Rafe, use a better password!
i would be lost without my daily look at this website, its my most important news of the day, beats the toil and trouble with whats going on elsewhere.........well AAS and GSM Arena, what a saddo i am, lol
I noticed another attack was made today. Really, some people should get out more.
I hope the moron who hacked the site is reading the comments he is getting.
so i can assume they have our passwords and usernames now? daymit =( got to change everything.
I did not find conclusive evidence in the logs that the user database had been downloaded, but I'm reluctant to give a 100% guarantee.
Either way the passwords are all hashed (MD5) in the database (i.e. not stored as plain text) so you should be OK (update - see later comment).
Everyone - thanks for all the messages - makes me feel better after a rather torrid day.
Well Rafe, I have to congratulate the AAS Team for getting the site back so fast up and running.
As for the Hacker if he is reading this i just want to say.
I already thought this site was phenomenal, great and a very good site of information, but now I do think that there is no other site, not popular enough nor interesting and well built and with a big community to "try" to hack it.
So at the end of the day I do think, Thanks Rafe,Steve, Ewan & Tzer2 for this phenomenal site.
You Deserve the whole credit as a big and trustful symbian community, all about symbian is the website I keep checking several times a day!
Keep Up the good work guys from the AAS Team!!! HIP HIP HURRA TO THE AAS TEAM!
Ps: Do Not Even Try to Destroy What is Built With So Much Love and Care,,, You just Cant!!!
Rafe wrote:I did not find conclusive evidence in the logs that the user database had been downloaded, but I'm reluctant to give a 100% guarantee. Either way the passwords are all hashed (MD5) in the database (i.e. not stored as plain text) so you should be OK.
Everyone - thanks for all the messages - makes me feel better after a rather torrid day.
GREAT thx for the relief .. but yeah great job getting it back up and we all support you.. sux for people wanting to do these things just to mess up people's days.. mostlikely just to get our emails and not so sensitive information.
Great to see that Rafe and AAS team reacted fast.
Hmm...what strange it is that during this time other symbian stie (MY) was redirecting me to aas.
You should talk to M.. See if his site was damaged too.
Keep it up >>>>we need each other for infos and news,,,
Cheers
MD5 is not impossible to decrypt. It can be done fairly easily with the right tools. I would suggest to everyone to change their passwords, especially if they use the same password for AAS as they do for their email accounts!
Yes that's a fair point, although it is worth pointing out it is a salted MD5 hash (still possible to break of course).
Though, thinking about it, I should say if you use a sensitive password for your forum log in I would advise you to change it.