HWZ Forums

Login Register FAQ Mark Forums Read

[IMPORTANT] HWZ Account Security Advisory

Like Tree5Likes
Reply
 
LinkBack Thread Tools
Old 19-02-2018, 12:20 PM   #1
Senior Moderator
 
bosssaizo's Avatar
 
Join Date: Jun 2015
Posts: 19,154
[IMPORTANT] HWZ Account Security Advisory

Hi everyone,

As you may know, one of our Admin accounts was compromised yesterday evening for about 30 minutes. As a precautionary measure, we have disabled rights for all Admin-level accounts to prevent further access by the hacker.

We are investigating this as a matter of priority and will update you as soon as we can ascertain the extent and source of the breach.

Thank you for your patience. Official updates will be posted here.

Update as of 20th February, 9pm
Dear all, please refer to our official announcement here:-
Link 1:https://deluxeforums.hardwarezone.co...hp?f=16&a=1572
Link 2:https://www.hardwarezone.com.sg/tech...ation-progress

Update as of 27th February
Security measures taken - Password complexity rules enforced + Captha for login process

Update as of 1st March
Security measures taken - Site has switched over to the HTTPS protocol

Update as of 23rd March
Security measures taken - All optional profile fields from user profile have been removed

Update as of 6th April
Security measures taken - Password complexity rules updated

Update as of 30th April
Security measures taken - 2FA for forum member accounts now available
FatalityV likes this.
__________________
Former admin | just ORD-ed~
bosssaizo is offline   Reply With Quote
Old 19-02-2018, 12:43 PM   #2
Arch-Supremacy Member
 
Otokiru's Avatar
 
Join Date: Nov 2008
Posts: 11,801
... one of our Admin accounts was compromised...
hi, i dont think only 1 account is compromised...
i think the whole database was compromised...
pls come clean!
__________________
★ O҉͕̩̤̫t͔̔͢o͖̘̦̥̰k̼͇͋ͤ͆͗̇̆i̊͏r̷̠ͥǘ̮̜͙̖̙̈ͬ ★彡
Otokiru is offline   Reply With Quote
Old 19-02-2018, 12:51 PM   #3
High Supremacy Member
 
Machiavel's Avatar
 
Join Date: Apr 2015
Posts: 37,312
More like your entire DB.
__________________
品人品文千人千面,无缘不必强求,有缘必再相见
Machiavel is online now   Reply With Quote
Old 19-02-2018, 01:04 PM   #4
Honorary Member
 
Join Date: Mar 2008
Posts: 112,816
judging from whatever was leaked, at least publicly, it is not just one of your admin accounts being compromised and it is not definitely not only yesterday that the server/database was being compromised

Sent from 303 Gombak Drive using GAGT
garpew is offline   Reply With Quote
Old 19-02-2018, 01:23 PM   #5
High Supremacy Member
 
amazingone's Avatar
 
Join Date: Jan 2015
Posts: 45,614
I think all accounts in hwz forum are compromised though.
amazingone is online now   Reply With Quote
Old 19-02-2018, 01:28 PM   #6
Supremacy Member
 
heng_ah's Avatar
 
Join Date: Sep 2015
Posts: 5,523
From what I observed, TS has posted ambiguous info.

TS said one of our Admin accounts was compromised yesterday evening for about 30 minutes.

- Not sure whether only one admin account or all accounts (regardless access level) have been compromised.
- Not sure whether it was compromised yesterday or weeks ago, whether it linked to the first reported hack to DarkStarer's account last month.
- Not sure whether it was compromised 30 minutes or much longer. If original log was tampered, how do you ensure the timestamp is still correct?


Hi everyone,

As you may know, one of our Admin accounts was compromised yesterday evening for about 30 minutes. As a precautionary measure, we have disabled rights for all Admin-level accounts to prevent further access by the hacker.

We are investigating this as a matter of priority and will update you as soon as we can ascertain the extent and source of the breach.

Thank you for your patience. Official updates will be posted here.

Last edited by heng_ah; 19-02-2018 at 01:33 PM..
heng_ah is offline   Reply With Quote
Old 19-02-2018, 01:32 PM   #7
Supremacy Member
 
Join Date: Nov 2005
Posts: 9,831
Hi everyone,

As you may know, one of our Admin accounts was compromised yesterday evening for about 30 minutes. As a precautionary measure, we have disabled rights for all Admin-level accounts to prevent further access by the hacker.

We are investigating this as a matter of priority and will update you as soon as we can ascertain the extent and source of the breach.

Thank you for your patience. Official updates will be posted here.
What actions do you recommend to the users (especially those using same passwords across websites etc)for the time being?

Waiting for your investigation?
smith2006 is offline   Reply With Quote
Old 19-02-2018, 01:34 PM   #8
Arch-Supremacy Member
 
kaisoz's Avatar
 
Join Date: Mar 2009
Posts: 10,416
Chope seat
__________________
/103905326-post2716.html
MR loh!!!!!
Destiny is all!
kaisoz is offline   Reply With Quote
Old 19-02-2018, 01:41 PM   #9
Supremacy Member
 
Join Date: Feb 2001
Posts: 7,240
Hi everyone,

As you may know, one of our Admin accounts was compromised yesterday evening for about 30 minutes. As a precautionary measure, we have disabled rights for all Admin-level accounts to prevent further access by the hacker.

We are investigating this as a matter of priority and will update you as soon as we can ascertain the extent and source of the breach.

Thank you for your patience. Official updates will be posted here.
Dear bosssaizo,

May I kindly provide a screenshot of the hack back in December as mentioned by Darkstarer above.

The thread in question has already been deleted.

I can provide more screenshots if you want.

The affected member namely Darkstarer has denied she made the post and hence it should be a case of being hacked?

However, I am unable to come to the conclusion whether it is a vulnerabiltity on the server or user's side.

Thank you.

Spoiler!
Reborn is offline   Reply With Quote
Old 19-02-2018, 02:17 PM   #10
Greater Supremacy Member
 
mata_hippo's Avatar
 
Join Date: Mar 2003
Posts: 85,805
Not only 1 admin account was compromised wad...

Stop downplaying the incident...

They managed to login to more than 1 normal member account. They probably have a reasonable list of account info but just chose to login to a random few.

Normal member account not important ah?
mata_hippo is offline   Reply With Quote
Old 19-02-2018, 02:20 PM   #11
Supremacy Member
 
Join Date: Dec 2017
Posts: 7,928
Not only 1 admin account was compromised wad...

Stop downplaying the incident...

They managed to login to more than 1 normal member account. They probably have a reasonable list of account info but just chose to login to a random few.

Normal member account not important ah?
Very sad to hear this.
Bumiputera is offline   Reply With Quote
Old 19-02-2018, 02:57 PM   #12
Supremacy Member
 
denumb's Avatar
 
Join Date: Sep 2012
Posts: 5,597
http://ryoc.us/how-to-properly-secur...ulletin-forum/
denumb is offline   Reply With Quote
Old 19-02-2018, 03:00 PM   #13
Greater Supremacy Member
 
CjieTehAwesome's Avatar
 
Join Date: Sep 2010
Posts: 87,310
The signs were already there. So many have been hacked before this. It only took a shake up at the top to light a fire under your butts. Normal users don't mean a thing.
__________________

Belli dura despicio
CjieTehAwesome is offline   Reply With Quote
Old 19-02-2018, 03:06 PM   #14
Great Supremacy Member
 
BlackCube's Avatar
 
Join Date: Jul 2003
Posts: 67,599
Are the user password stored in plaintext in the db?
__________________
oyb'in hy gnki py ln. r krep dyeek mrn keg r krep dyeek und r enng oyb lyin pske r psybdsp nznio gko
BlackCube is offline   Reply With Quote
Old 19-02-2018, 03:08 PM   #15
Arch-Supremacy Member
 
retlif's Avatar
 
Join Date: Jul 2006
Posts: 23,519
are there 2FA for admins?
retlif is online now   Reply With Quote
Reply
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Terms of Service for more information.


Thread Tools

Posting Rules

Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On