General > Suggestions Box
Passwords Stolen - www.timewastersguide.com hacked in April 2011
ad130:
--- Quote from: Astounding on August 22, 2011, 05:30:07 PM ---A quick search didn't show me any threads dealing with the April 2011 hack of this forum, www.timewastersguide.com wherein 6000 email addresses and hashed passwords were stolen. I found out about it when my email address started receiving spam. I only use that address here, nowhere else, and I have never shared it or posted it or made it public.
ANYONE with a SIMPLE password whose email address is one of the 6000 addresses should log in and CHANGE their password. Even though the passwords appear to be hashed (MD5? SHAx?), a quick dictionary attack will reveal the passwords. I assume that this has already happened months ago.
Looking through the forums, I saw that at least one user reported his/her account was hijacked/stolen.
Site administrators, I'm curious as to what actions you have taken since April to close the security hole the hacker used. Was it a forum software bug that a subsequent upgrade has made secure?
If you wonder if YOUR email address was one of the 6000, check here:
http://pastebin.com/fYdHt3ni
Here are a few 'blog and web posts about the hack:
http://www.cyberwarnews.info/2011/08/16/time-wasters-guide-accounts-database-leaked-by-thehacker12/
http://thehacker12.blogspot.com/2011/08/over-6500-email-passwords.html
Thanks for any/all info.
Aaron out.
--- End quote ---
Pay attention to what I say B***** ??? ThEhAcKeR12 has hacked the site in end of July but released it on 16th August 2011. The only reason he had posted 6,500 user information is cause he just wanted to show the loop hole in this fucking site or this site just had 6500 members. Till the date he has leaked about 1,00000 emails with passwords including many government(US, UK & India mainly) information.
PS- Blocking him from blogger wont stop anyone from posting the information, it will just fuel it & he will be having fame. Tell the admin to improve the stupid security of the website to prevent 'the data from being stolen'!
Do tell the admin that this account is hacked :)
God Bless ya all ;D
Dougal:
--- Quote from: Astounding on August 22, 2011, 05:30:07 PM ---A quick search didn't show me any threads dealing with the April 2011 hack of this forum, www.timewastersguide.com wherein 6000 email addresses and hashed passwords were stolen. I found out about it when my email address started receiving spam. I only use that address here, nowhere else, and I have never shared it or posted it or made it public.
ANYONE with a SIMPLE password whose email address is one of the 6000 addresses should log in and CHANGE their password. Even though the passwords appear to be hashed (MD5? SHAx?), a quick dictionary attack will reveal the passwords. I assume that this has already happened months ago.
Looking through the forums, I saw that at least one user reported his/her account was hijacked/stolen.
Site administrators, I'm curious as to what actions you have taken since April to close the security hole the hacker used. Was it a forum software bug that a subsequent upgrade has made secure?
If you wonder if YOUR email address was one of the 6000, check here:
http://pastebin.com/fYdHt3ni
Here are a few 'blog and web posts about the hack:
http://www.cyberwarnews.info/2011/08/16/time-wasters-guide-accounts-database-leaked-by-thehacker12/
http://thehacker12.blogspot.com/2011/08/over-6500-email-passwords.html
Thanks for any/all info.
Aaron out.
--- End quote ---
A same post but from one the admin itself with the password 'jackass' :D
Pay attention to what I say B***** ThEhAcKeR12 has hacked the site in end of July but released it on 16th August 2011. The only reason he had posted 6,500 user information is cause he just wanted to show the loop hole in this fucking site or this site just had 6500 members. Till the date he has leaked about 1,00000 emails with passwords including many government(US, UK & India mainly) information.
PS- Blocking him from blogger wont stop anyone from posting the information, it will just fuel it & he will be having fame. Tell the admin to improve the stupid security of the website to prevent 'the data from being stolen'!
Do tell the admin that this account is hacked
God Bless ya all
Spriggan:
I don't think I'm going to be able to patch the forum 100% without doing a complete new install due to the custom code TWG uses which prevents the updater from working.
czamora:
--- Quote from: Astounding on August 22, 2011, 05:30:07 PM ---A quick search didn't show me any threads dealing with the April 2011 hack of this forum, www.timewastersguide.com wherein 6000 email addresses and hashed passwords were stolen. I found out about it when my email address started receiving spam. I only use that address here, nowhere else, and I have never shared it or posted it or made it public.
ANYONE with a SIMPLE password whose email address is one of the 6000 addresses should log in and CHANGE their password. Even though the passwords appear to be hashed (MD5? SHAx?), a quick dictionary attack will reveal the passwords. I assume that this has already happened months ago.
Looking through the forums, I saw that at least one user reported his/her account was hijacked/stolen.
Site administrators, I'm curious as to what actions you have taken since April to close the security hole the hacker used. Was it a forum software bug that a subsequent upgrade has made secure?
If you wonder if YOUR email address was one of the 6000, check here:
http://pastebin.com/fYdHt3ni
Here are a few 'blog and web posts about the hack:
http://www.cyberwarnews.info/2011/08/16/time-wasters-guide-accounts-database-leaked-by-thehacker12/
http://thehacker12.blogspot.com/2011/08/over-6500-email-passwords.html
Thanks for any/all info.
Aaron out.
--- End quote ---
One more down 8)
Pay attention to what I say B***** ThEhAcKeR12 has hacked the site in end of July but released it on 16th August 2011. The only reason he had posted 6,500 user information is cause he just wanted to show the loop hole in this fucking site or this site just had 6500 members. Till the date he has leaked about 1,00000 emails with passwords including many government(US, UK & India mainly) information.
PS- Blocking him from blogger wont stop anyone from posting the information, it will just fuel it & he will be having fame. Tell the admin to improve the stupid security of the website to prevent 'the data from being stolen'!
Do tell the admin that this account is hacked
God Bless ya all
Eelldytinka:
На сайте - http://gani.boltonogovo.ru/horoshie-blyadi.html есть города казахстана список проститутки проститутки на российском телевидение подборка красивых трансвеститов femdom киев девочки проститутки так ведь бляди ж екатеринбург проституты снять проститутки в городе самара.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version