Go Back   English Forum Switzerland > Support > Support > Forum support  
Reply
 
Thread Tools Display Modes
  #21  
Old 15.01.2019, 14:42
John_H's Avatar
Forum Legend
 
Join Date: May 2013
Location: Up above Nyon
Posts: 3,919
Groaned at 109 Times in 68 Posts
Thanked 5,212 Times in 2,031 Posts
John_H has a reputation beyond reputeJohn_H has a reputation beyond reputeJohn_H has a reputation beyond reputeJohn_H has a reputation beyond reputeJohn_H has a reputation beyond reputeJohn_H has a reputation beyond repute
Re: was englishforum's forum-software hacked?

Quote:
View Post
Ongoing issue, ignore and do not pay !

There are some more threads on this already, you are not alone
Could there be more it ?? Some people are indeed reporting that they only use this password for EF.
That password is being quoted by the scammer.
So yeah, sure, they won't have a video of you in the nip or all of your contacts.. But they have that password and probably the associated email address. Their automated tool will now be trying those on hundreds of other sites, from paypal to banks to mail etc..

If EF has indeed been compromised, then potentially a lot people are actually at risk..
1:Many people don't use different passwords for each service.
2:Many people will have exchanged personal details via private message, these could also be exposed.

I think ADMIN should be making some statement?
Reply With Quote
The following 2 users would like to thank John_H for this useful post:
  #22  
Old 15.01.2019, 14:47
Forum Veteran
 
Join Date: Feb 2012
Location: Zürich
Posts: 937
Groaned at 3 Times in 3 Posts
Thanked 538 Times in 327 Posts
ChrisNeedsToKnow has a reputation beyond reputeChrisNeedsToKnow has a reputation beyond reputeChrisNeedsToKnow has a reputation beyond reputeChrisNeedsToKnow has a reputation beyond repute
Re: was englishforum's forum-software hacked?

Was just posting this as a warning. Didn't find the other thread.


I also think that the password will now be automatically tried on many other websites. Luckily that won't get them anywhere in my case, but still.
Reply With Quote
  #23  
Old 15.01.2019, 14:50
Ouchboy's Avatar
Forum Legend
 
Join Date: Jun 2008
Location: Baden
Posts: 3,285
Groaned at 46 Times in 41 Posts
Thanked 5,478 Times in 2,103 Posts
Ouchboy has a reputation beyond reputeOuchboy has a reputation beyond reputeOuchboy has a reputation beyond reputeOuchboy has a reputation beyond reputeOuchboy has a reputation beyond reputeOuchboy has a reputation beyond repute
Re: Englishforum security breach?

https://haveibeenpwned.com/PwnedWebsites




check yo'self before yo' wreckety wreck yo self
Reply With Quote
  #24  
Old 15.01.2019, 14:55
Forum Veteran
 
Join Date: May 2007
Location: Basel
Posts: 577
Groaned at 13 Times in 7 Posts
Thanked 255 Times in 156 Posts
SwissMorgs is considered knowledgeableSwissMorgs is considered knowledgeableSwissMorgs is considered knowledgeable
Re: was englishforum's forum-software hacked?

I experienced the same ... see the thread I started.

Since then I was contacted by the EF admin.

He recommended using haveibeenpwned.com to see if my email address is listed.

For me it shows btc-e and linkedin.

It is possible that some years ago, I was using the same password as EF for one of the above sites, but in recent times, I now ensure I've got different passwords for every site.
Reply With Quote
  #25  
Old 15.01.2019, 15:02
Ouchboy's Avatar
Forum Legend
 
Join Date: Jun 2008
Location: Baden
Posts: 3,285
Groaned at 46 Times in 41 Posts
Thanked 5,478 Times in 2,103 Posts
Ouchboy has a reputation beyond reputeOuchboy has a reputation beyond reputeOuchboy has a reputation beyond reputeOuchboy has a reputation beyond reputeOuchboy has a reputation beyond reputeOuchboy has a reputation beyond repute
Re: was englishforum's forum-software hacked?

i posted it on the other thread...
ugh...


https://www.englishforum.ch/3030566-post17.html
Reply With Quote
  #26  
Old 15.01.2019, 15:12
aSwissInTheUS's Avatar
Forum Legend
 
Join Date: Nov 2007
Location: Zurich area
Posts: 12,786
Groaned at 99 Times in 88 Posts
Thanked 19,577 Times in 8,681 Posts
aSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond repute
2019 Englishforum.ch User Database Security Breach

Some when in the past the Englishforum.ch User Database has been hacked, copied, and possible leaked to malicious third parties. See accounts of ChrisNeedsToKnow
Quote:
I sign up to each and every service using a different email-address. This way I know where someone got my email from.

Today I received the following SPAM/SCAM, but undoubtedly they must've gotten my email from englishforum:
Quote:
Hi!

As you may have noticed, I sent you an email from your account.
This means that I have full access to your acc: On moment of crack (my@email.com) password: (this actually shows a password I once used)
[...]
https://www.englishforum.ch/complain...re-hacked.html
and SwissMorgs
Quote:
Today I received a ransom email to my private gmail account, informing me that they (the sender) knows my password and then went on to show it (it was correct/accurate).
[...]

I use different passwords for every site I access/use and the password they listed/showed is the one I use to access Englishforum.
https://www.englishforum.ch/daily-li...ty-breach.html

Questions to the Mods, The Local, Editor Bob
  • When were you made aware about a potential breach?
  • Why was there so far no information?
  • When did this breach happen?
  • What amount of data was stolen copied and how many users are affected?
  • Has the attack vector been identified and fixed?
  • Why are the passwords stored in plain text or in an other non secure format?
  • Was the breach through the server software/forum code or through advertiser injected code changes?
  • Rumor has a rouge Mod once copied user data in the past (several years ago). Is this related?

Expecting answers.
__________________
On Hiatus- Normal operation will resume 22.02.2022 22:02:20.22
Reply With Quote
The following 16 users would like to thank aSwissInTheUS for this useful post:
  #27  
Old 15.01.2019, 15:15
Forum Veteran
 
Join Date: Feb 2012
Location: Zürich
Posts: 937
Groaned at 3 Times in 3 Posts
Thanked 538 Times in 327 Posts
ChrisNeedsToKnow has a reputation beyond reputeChrisNeedsToKnow has a reputation beyond reputeChrisNeedsToKnow has a reputation beyond reputeChrisNeedsToKnow has a reputation beyond repute
Re: was englishforum's forum-software hacked?

That's why I recommend not only using a different password for each service, but also a different email
Reply With Quote
  #28  
Old 15.01.2019, 15:22
Guest
 
Posts: n/a
Re: was englishforum's forum-software hacked?

It is 2019, best is to never use any sensitive/personal info on a site still using vBulletin v. 3.8.4 which also demands an old PHP version and delete any that still might be on. And assume that it is not a question if the site would be hacked, but only a question of when it would happen.

The software simply is to old to be trusted. (of all the sites I use this is by far the most old software of all of them) Best would be a migration to actual software but this costs time and money.
Reply With Quote
  #29  
Old 15.01.2019, 15:23
NotAllThere's Avatar
Forum Legend
 
Join Date: Oct 2008
Location: Baselland
Posts: 12,990
Groaned at 206 Times in 183 Posts
Thanked 18,823 Times in 7,673 Posts
NotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond reputeNotAllThere has a reputation beyond repute
Re: 2019 Englishforum.ch User Database Security Breach

See this https://www.englishforum.ch/forum-su...letin-5-a.html
Reply With Quote
The following 3 users would like to thank NotAllThere for this useful post:
  #30  
Old 15.01.2019, 15:28
Guest
 
Posts: n/a
Re: 2019 Englishforum.ch User Database Security Breach

Quote:
View Post
[*] Rumor has a rouge Mod once copied user data in the past (several years ago). Is this related?
I would be more than angrily surprised if a mod would be able to subtract passwords.

And I assume this ain't the case since the software itself does not allow for such.
Reply With Quote
  #31  
Old 15.01.2019, 15:30
Administrator
 
Join Date: Mar 2008
Location: Munich
Posts: 214
Groaned at 44 Times in 24 Posts
Thanked 1,748 Times in 621 Posts
Editor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond repute
Re: 2019 Englishforum.ch User Database Security Breach

Q. When were you made aware about a potential breach?
A. Yesterday afternoon.

Q. Why was there so far no information?
A. It wasn't clear that there had been a breach. It still isn't, although it looks more possible today than it did yesterday.

Q. When did this breach happen?
A. If there is a breach, don't know. First I heard was when SwissMorgs reported something yesterday.

Q. What amount of data was stolen copied and how many users are affected?
A. Don't know.

Q. Has the attack vector been identified and fixed?
A. No.

Q. Why are the passwords stored in plain text or in an other non secure format?
A. Passwords are not stored in plain text. The passwords for this version of vBulletin are stored in the database as md5(md5($password) + $salt). Browser-side cookies are saved as md5(md5(md5($password) + $salt) + COOKIE_SALT) where COOKIE_SALT is the license ID of the software.

Q. Was the breach through the server software/forum code or through advertiser injected code changes?
A. If there is a breach, don't know.

Q. Rumor has a rogue Mod once copied user data in the past (several years ago). Is this related?
A. I don't know about this.

EDIT: Click for the full update: englishforum.ch/security
Reply With Quote
The following 7 users would like to thank Editor Bob for this useful post:
This user groans at Editor Bob for this post:
  #32  
Old 15.01.2019, 15:44
TheLaughingCow's Avatar
Senior Member
 
Join Date: Apr 2012
Location: US
Posts: 279
Groaned at 2 Times in 2 Posts
Thanked 218 Times in 119 Posts
TheLaughingCow has earned the respect of manyTheLaughingCow has earned the respect of manyTheLaughingCow has earned the respect of many
Re: 2019 Englishforum.ch User Database Security Breach

Welp. I figured it was just some scammer targeting someone per usual.

Guess I was wrong

Still hoping it wasn't a breach, and that everyone has their stuff secured.
Reply With Quote
  #33  
Old 15.01.2019, 15:46
Textoch's Avatar
Forum Veteran
 
Join Date: Mar 2011
Location: Texas, USA (formerly Vaud, CH)
Posts: 1,201
Groaned at 25 Times in 23 Posts
Thanked 3,054 Times in 935 Posts
Textoch has a reputation beyond reputeTextoch has a reputation beyond reputeTextoch has a reputation beyond reputeTextoch has a reputation beyond reputeTextoch has a reputation beyond reputeTextoch has a reputation beyond repute
Re: 2019 Englishforum.ch User Database Security Breach

Quote:
View Post
Q. When were you made aware about a potential breach?
A. Yesterday afternoon.

Q. Why was there so far no information?
A. It wasn't clear that there had been a breach. It still isn't, although it looks more possible today than it did yesterday.

Q. When did this breach happen?
A. If there is a breach, don't know. First I heard was when SwissMorgs reported something yesterday.

Q. What amount of data was stolen copied and how many users are affected?
A. Don't know.

Q. Has the attack vector been identified and fixed?
A. No.

Q. Why are the passwords stored in plain text or in an other non secure format?
A. Passwords are not stored in plain text. The passwords for this version of vBulletin are stored in the database as md5(md5($password) + $salt). Browser-side cookies are saved as md5(md5(md5($password) + $salt) + COOKIE_SALT) where COOKIE_SALT is the license ID of the software.

Q. Was the breach through the server software/forum code or through advertiser injected code changes?
A. If there is a breach, don't know.

Q. Rumor has a rogue Mod once copied user data in the past (several years ago). Is this related?
A. I don't know about this.
While your prompt response to aSwissInTheUS' questions is appreciated, the many "I don't know" responses are concerning. Please comment on your plan to resolve the questions as well as your communication plan to update forum members as to what has happened and what needs to take place in order to secure their info.
Reply With Quote
This user would like to thank Textoch for this useful post:
  #34  
Old 15.01.2019, 16:06
aSwissInTheUS's Avatar
Forum Legend
 
Join Date: Nov 2007
Location: Zurich area
Posts: 12,786
Groaned at 99 Times in 88 Posts
Thanked 19,577 Times in 8,681 Posts
aSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond repute
Re: 2019 Englishforum.ch User Database Security Breach

Thank you Mr. Bob.

Quote:
View Post
Q. Why are the passwords stored in plain text or in an other non secure format?
A. Passwords are not stored in plain text. The passwords for this version of vBulletin are stored in the database as md5(md5($password) + $salt). Browser-side cookies are saved as md5(md5(md5($password) + $salt) + COOKIE_SALT) where COOKIE_SALT is the license ID of the software.
A 8-letter or less password with upper, lower case, and numeral characters will take a maximum of 41 minutes per user to crack on a 8x Nivida 1080 Rig. https://gist.github.com/epixoip/a83d...bbef804a270c40
For the price of around 1 kWh of invested energy.

Then use some password dictionaries (there are 517 Millionen "known" passwords) plus variants of englishforum and you will crack a hell of a lot.
https://www.troyhunt.com/86-of-passw...er-statistics/
https://www.troyhunt.com/pwned-passw...3-is-now-live/

With the dropped crypto currency prices and unused mining rigs this can become a worthwhile endeavor.
Not sure what their operating margin might be but we know they try to fleece USD 800 from a scared "costumer".
__________________
On Hiatus- Normal operation will resume 22.02.2022 22:02:20.22

Last edited by aSwissInTheUS; 15.01.2019 at 16:18.
Reply With Quote
The following 3 users would like to thank aSwissInTheUS for this useful post:
  #35  
Old 15.01.2019, 16:16
Guest
 
Posts: n/a
Re: 2019 Englishforum.ch User Database Security Breach

Being a techno-dunce, can someone explain what it means? (Sorry, I'm thick )

Is it enough now to just change the password or is it too late and like closing the barn door after the horse has bolted?

In a data breach, what sort of stuff is at risk?
Reply With Quote
The following 2 users would like to thank for this useful post:
  #36  
Old 15.01.2019, 16:28
Guest
 
Posts: n/a
Re: 2019 Englishforum.ch User Database Security Breach

Quote:
Being a techno-dunce, can someone explain what it means? (Sorry, I'm thick )

Is it enough now to just change the password or is it too late and like closing the barn door after the horse has bolted?

In a data breach, what sort of stuff is at risk?
As long as you don't use the same password for multiple sites/accounts (aka use common sense when online) then all they can do is log into englishforum and make naughty posts under your name if you don't change your password.

In a data breach anything stored on englishforum under your account is potentially accessible, such as your email address.
Reply With Quote
  #37  
Old 15.01.2019, 16:28
Guest
 
Posts: n/a
Re: 2019 Englishforum.ch User Database Security Breach

Quote:
View Post
Thank you Mr. Bob.



A 8-letter or less password with upper, lower case, and numeral characters will take a maximum of 41 minutes per user to crack on a 8x Nivida 1080 Rig. https://gist.github.com/epixoip/a83d...bbef804a270c40
For the price of around 1 kWh of invested energy.
Truth be told is that such speeds only can be gotten if the to be hacked password is on the same machine if this has to happen over the internet it is going to be a much, much longer story, besides that nobody in his right mind would imho do such for an EF user password unless it is something very very personal. Such way of storing like EF does is for a site like EF to be deemed good enough.
Reply With Quote
  #38  
Old 15.01.2019, 16:31
aSwissInTheUS's Avatar
Forum Legend
 
Join Date: Nov 2007
Location: Zurich area
Posts: 12,786
Groaned at 99 Times in 88 Posts
Thanked 19,577 Times in 8,681 Posts
aSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond repute
Re: 2019 Englishforum.ch User Database Security Breach

Quote:
Is it enough now to just change the password or is it too late and like closing the barn door after the horse has bolted?
Change the EF password, and use a new different password on all site where you use the same or maybe a similar one.

Quote:
In a data breach, what sort of stuff is at risk?
Your e-mail address, your password which can be used to scare you or log into other accounts where you also used it, plus all your PMs and hidden profile information. These again may contain "sensitive" information such as your physical address and real name which can further be used to scare you.

The email Chris got was still pretty generic. Now think it also contains more personal information such as your name, address, a non public photo, and maybe something about your hobbies, plus later a phone call from an unknown number. But one would have to actually write them instead of automatically generating hundreds.

The worst is if you pay. The crazy thing is they do not have any actual kompromat but they know that you did something naughty which you are willing to hide for money. They for sure will not stop to collect the eggs of this golden goose.
__________________
On Hiatus- Normal operation will resume 22.02.2022 22:02:20.22
Reply With Quote
The following 4 users would like to thank aSwissInTheUS for this useful post:
  #39  
Old 15.01.2019, 16:42
aSwissInTheUS's Avatar
Forum Legend
 
Join Date: Nov 2007
Location: Zurich area
Posts: 12,786
Groaned at 99 Times in 88 Posts
Thanked 19,577 Times in 8,681 Posts
aSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond repute
Re: 2019 Englishforum.ch User Database Security Breach

Quote:
nobody in his right mind would imho do such for an EF user password unless it is something very very personal. Such way of storing like EF does is for a site like EF to be deemed good enough.
It is good enough for those scaremails. There are 37915 EF users. Use a limited attack on all and a detailed attack on the 10% most recent active users. Lets say you waste 4000 kWh on this (and the hash rig has paid itself through crypto mining). In China that electricity costs you not even USD 400. One single paying customer and you double your investment. If the goose lies another egg you can start celebrating.
Reply With Quote
The following 2 users would like to thank aSwissInTheUS for this useful post:
  #40  
Old 15.01.2019, 17:18
Forum Veteran
 
Join Date: Mar 2010
Location: Greater Zürich Area
Posts: 940
Groaned at 119 Times in 76 Posts
Thanked 714 Times in 397 Posts
EPMike has an excellent reputationEPMike has an excellent reputationEPMike has an excellent reputationEPMike has an excellent reputation
Re: 2019 Englishforum.ch User Database Security Breach

Quote:
Truth be told is that such speeds only can be gotten if the to be hacked password is on the same machine if this has to happen over the internet it is going to be a much, much longer story, besides that nobody in his right mind would imho do such for an EF user password unless it is something very very personal. Such way of storing like EF does is for a site like EF to be deemed good enough.
I believe that time was for the time needed to "reverse engineer" a clear text password from the hash.
Reply With Quote
Reply

Tags
englishforum hack, password stolen, security breach, security password hack




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Security breach: avoid buying online and using ATMs [Heartbleed Vulnerability] olygirl TV/internet/telephone 27 07.06.2014 15:10
A security breach happened at [fill in the blank aSwissInTheUS Daily life 1 21.05.2014 18:44
Major security breach at LinkedIn Castro TV/internet/telephone 13 07.06.2012 17:17
US issued card holders take note ( security breach issue ) jrspet International affairs/politics 1 31.03.2012 14:54
Guardian Jobs in UK - Security Breach transition International affairs/politics 0 26.10.2009 13:51


All times are GMT +2. The time now is 23:13.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0