Forum - View topicUpdate: What's Going On with Anime News Network?
Goto page Previous Next Note: this is the discussion thread for this article |
Author | Message | |||
---|---|---|---|---|
Emma Iveli
Posts: 679 Location: Hobo with internet |
|
|||
Man this is crazy. I even had to tell my mom who used to work for Viz Media. I mean come on, this is really, really crazy.
|
||||
Samet Chan
Posts: 10 |
|
|||
@invalidname, Are you an owner right?
phpBB is an older version in 2005. I saw that copyright software. Why you didn't update to version new phpBB software or something import to new XenForo software strongly a security. phpBB may be hacked. If I am wrong. Because of public RCE Exploit. |
||||
Velshtein
Posts: 72 |
|
|||
The question now is: Why was ANN attacked?
If I had to venture a guess, I would wager that it has something to do with the forum community here, and in particular, the way moderators run the place. |
||||
Zin5ki
Posts: 6680 Location: London, UK |
|
|||
Sorry to hear that this happened. Rogues and ne'er-do-wells seem limitless in their capacity at times. At least we got a backup domain within the course of a few hours!
|
||||
xstylus
Posts: 263 |
|
|||
It's sadly easier than one would think, if one isn't careful. Let's say there's an admin or superuser of a company or website. Let's also say this person is also a user of one of the many other sites that recently suffered a data breach. (And, in fact, according to haveibeenpwned.com, there are indeed @AnimeNewsNetwork.com email address holders whose info has been compromised through no fault of their own.) Let's also say that one of those admins may have the bad habit of re-using a single password at multiple sites, and has not changed it in a long time. All a hacker has to do (and it doesn't even need to be a GOOD hacker) is to snoop around for one of the publicly released breaches and see if any of the passwords are still any good -- and voila, he's in. Once they got in, they apparently found enough information to be able to log into the domain registrar and initiate a transfer, and/or to intercept the registrar transfer emails. That's plausible because some companies share an "in-case-of-emergency" list that contains important passwords (such as twitter logins, site host logins, registrar logins, secondary email accounts, and other credentials), which is shared with important company individuals. Dunno if ANN does this, but I've previously worked with companies who do. Anyway... again, not saying that what I described above is what actually happened, but that's one of many ways (and often the most common way) that things like this happen. Moral of the story: Change your passwords often, use two-factor authentication, and don't use re-use the same password everywhere. Last edited by xstylus on Tue Aug 08, 2017 1:37 pm; edited 4 times in total |
||||
Emerje
Posts: 7336 Location: Maine |
|
|||
Since they were also going after personal Twitter accounts related to ANN it's hard to see this as anything other than a targeted attack rather than collateral damage.
The forums (and much of the site) here are heavily modified and customized to meet ANN's needs, upgrading to a new version would be a rather large undertaking. Emerje |
||||
Tenchi
Posts: 4469 Location: Ottawa... now I'm an ex-Anglo Montrealer. |
|
|||
Did they actually hack the site itself or just change the DNS info to route to their own server rather than the one at which ANN is hosted? I suspect it's the latter but if you're concerned about your forum password being compromised, you should probably change it. Last edited by Tenchi on Tue Aug 08, 2017 1:32 pm; edited 1 time in total |
||||
KutovoiAnton
Posts: 941 Location: Vladimir, Russia |
|
|||
Sad to see this happening. And I've got a question: if I'll add anything to encyclopedia on back-up site, will it remain, when the main site is back, or I'd better to wait?
|
||||
Master Menos
Posts: 15 |
|
|||
Sorry to hear this happen to you guys! D: I hope the damage wasn't too great, even though this was a huge hack attack.
|
||||
Zac
ANN Executive Editor
Posts: 7912 Location: Anime News Network Technodrome |
|
|||
Our servers were not compromised, but it never hurts to change your password. We set articles to publish last night that still went up today, for example. More information to come! |
||||
vampireknightgal
Posts: 34 |
|
|||
What they did was pretty low on their part. hope everything gets sorted out on your end.
Here's some cookies to help you through... |
||||
ChibiKangaroo
Posts: 2941 |
|
|||
I assume that some of the initial result of the hack will be reversed in due time once the proper actions are taken by Twitter etc. That being said, if you guys need an IP attorney, you know where to find me...
|
||||
Tenchi
Posts: 4469 Location: Ottawa... now I'm an ex-Anglo Montrealer. |
|
|||
It's still the same website on the same server, so anything you add to the encyclopedia should be there no matter which domain name you use to get to it. |
||||
TasteyCookie
Posts: 421 |
|
|||
Man that's pretty crazy. Sorry to hear about it Hopefully they didn't do anything too crazy with your twitters. Anime fans (assuming one was responsible) can be extremely petty.
|
||||
Kimiko_0
Posts: 1796 Location: Leiden, NL, EU |
|
|||
Did you get the 4nn.cx URL shortener/redirect back already? Earlier today it showed a "domain name for sale" placeholder.
|
||||
All times are GMT - 5 Hours |
||
|
Powered by phpBB © 2001, 2005 phpBB Group