# Site hacked, had to ditch a day of posts to be safe



## sand flea (Oct 24, 1999)

Hey everyone, sorry about all the downtime today. BubbaHoTep had the presence of mind to call me this afternoon when he noticed that two new admins were knocking around the site. Long story short, two separate admin accounts were established earlier this morning...and I hadn't created them.

I had two options: remove some files on the backend that they used to get in and hope for the best, or roll back to the last good backup before they got in. While there is no evidence that any malware or anything else was installed I played it safe and used the last known backup before they got in. That means that everything on the site since Sunday is gone--posts, PMs, pics. I'm really sorry about that but I felt like it was the right thing to do given the potential nastiness they could get up to. I'd rather play it safe than end up with more headaches down the line.

We're probably okay but some sites have been hit harder than others and haven't been able to scrub this mess out on the first attempt. I've done a lot on the backend to clear things up, but there are hundreds of forums all over the internet falling to this hack and the idiots behind them sometimes leave back doors to cause more trouble. Again, I think we're okay but I'll have to watch it closely in the next few days.


----------



## dudeondacouch (Apr 6, 2010)

My super secret admin accounts are gone? Curses!


----------



## NC KingFisher (Nov 20, 2011)

Solid did it. Dang nerds


----------



## solid7 (Dec 31, 2010)

Yes, I did. I made you co-super-duper admin. But you had to blow it by changing Shooter's avatar to a sheep in a burlesque outfit. I told you that you're the only one that thinks that **** is funny...


----------



## dudeondacouch (Apr 6, 2010)

I was just about to change the settings so everyone could have animated avatars, too.

It was gonna be AWESOME!


----------



## sand flea (Oct 24, 1999)

I guess we were due. P&S has been around since 1999 without a single successful attack (if you don't count my monkeying around with things and bringing the site down ). Guess our luck ran out. Ugh...I'm beat. Don't hesitate to shoot me a PM if any of you see weird stuff going on.


----------



## dudeondacouch (Apr 6, 2010)

sand flea said:


> ...if any of you see weird stuff going on.


I haven't seen any RiverRig threads posted today. :spooky:


----------



## solid7 (Dec 31, 2010)

Now that you mention it, I did see where a bunch of people were being nice to a complete douche, for no good reason. Heck, usually people around here act like a complete douche to nice people. I tried to help them get in the right frame of mind, but then the site went down.

Wait, that's just me that does that, isn't it?


----------



## solid7 (Dec 31, 2010)

Congrats on your successful invader deflection, sandflea. Next time, let us have some fun, though, would ya?


----------



## dudeondacouch (Apr 6, 2010)

solid7 said:


> a bunch of people were being nice to a complete douche, for no good reason.


What are these internets coming to?


----------



## sand flea (Oct 24, 1999)

I once considered the worst April Fools prank ever: making EVERY user a mod for 24 hours just to watch the carnage: people erasing posts, banning each other, and causing mayhem. Then I sobered up.


----------



## dudeondacouch (Apr 6, 2010)

99% of people wouldn't even notice.


----------



## solid7 (Dec 31, 2010)

sand flea said:


> I once considered the worst April Fools prank ever: making EVERY user a mod for 24 hours just to watch the carnage: people erasing posts, banning each other, and causing mayhem. Then I sobered up.


This year, when March rolls around, I'll help you ready the backups. That would be incredible... Hell, you could even make a contest, to see who the last man standing would be. Call it 'Survivor - P&S'.

Love it.


----------



## NC KingFisher (Nov 20, 2011)

That's easy. Probably not solid, wd, dude on da couch, me, or any of those whiny Yankees


----------



## solid7 (Dec 31, 2010)

Namin' names could easily be construed as a personal attack. I'm going to report this thread, and have it closed, promptly.

Shhooooooooter!!! Than annoying kid from Bunnlevel is trying to wind up the hillbilly again!


----------



## BubbaHoTep (May 26, 2008)

NC KingFisher said:


> Solid did it. Dang nerds


That would be "Cornhusking Analytical Nerds" to you, NCKF. 



solid7 said:


> . . . . changing Shooter's avatar to a sheep in a burlesque outfit. . . .


BWA HA HA

No need for a burlesque outfit. A sheep, goat, or skunk _au naturale_ will do quite well. That outta get papaw in here now. 

Seriously, I'm glad you were able to get it, boss. I didn't know exactly what was up, but I knew it wasn't right. I'll also keep a close eye out as best I can here in the next few days.


----------



## NC KingFisher (Nov 20, 2011)

solid7 said:


> Namin' names could easily be construed as a personal attack. I'm going to report this thread, and have it closed, promptly.
> 
> Shhooooooooter!!! Than annoying kid from Bunnlevel is trying to wind up the hillbilly again!


He's to busy playin with Pepe the skunk lol


----------



## wvbud22 (Jun 9, 2011)

Where im from sites never get hacked


They get hicked


----------



## AbuMike (Sep 3, 2007)

solid7 said:


> Namin' names could easily be construed as a personal attack. I'm going to report this thread, and have it closed, promptly.
> 
> *Shhooooooooter!!! Than annoying kid from Bunnlevel is trying to wind up the hillbilly again!*


now that's funny right there....hahahahahahaha


----------



## RuddeDogg (Mar 20, 2004)

nc kingfisher said:


> solid did it. Dang nerds


Too funny........lmao!!!!!


----------



## Shooter (Nov 14, 2004)

Bubba,,, dang brown noser,, always shown off to the boss,,, "I saved the site, I saved the site" and here I was already to take over and was gonna make Solid and that fisher dude my site mods and have them start wacken post and whuppen butt. Good thing I used a different screen name and changed my font so I couldnt be traced 

Hey Flea,,, could I wack some of these turds picken on me and blame it on the hacker???


----------



## solid7 (Dec 31, 2010)

Shooter said:


> gonna make Solid and that fisher dude my site mods and have them start wacken post and whuppen butt.


You deserve a day off. You know... So you can learn about fishing.


----------



## RuddeDogg (Mar 20, 2004)

solid7 said:


> You deserve a day off. You know... So you can learn about fishing.


Good one!!


----------



## MSRIEF (May 21, 2007)

Thanx for all your efforts, and keep on diggin Sand Flea!


----------



## Eattheflounder (Apr 24, 2011)

Apparently reddrumtackle forums took a heavy hit yesterday. Google has had a block on it for two days. That makes me wonder if it is some greenie/enviro bird lover behind it. We will probably never know. RDT is still not up. 
The problems that that site had a year or two ago really set them back. It used to be a very good location specific website with lots of posts, they were always busy. Now they are lucky to get two posts a day. 
Good work on keeping things moving forward here Bubba and Sandflea. Thanks for all of your efforts to make this site work well for all of us. Does this mean that I have to thank Shooter too even though he did not catch it before Bubba?

ETF


----------



## akhan (Mar 17, 2011)

I think you might have ticked somebody off by stopping the 3 word story post, lol...I will start it again!!

....There Once was...


----------



## solid7 (Dec 31, 2010)

akhan said:


> I think you might have ticked somebody off by stopping the 3 word story post, lol...I will start it again!!
> 
> ....There Once was...



Hackers. The End.


----------



## AL_N_VB (Apr 3, 2002)

sand flea said:


> I once considered the worst April Fools prank ever: making EVERY user a mod for 24 hours just to watch the carnage: people erasing posts, banning each other, and causing mayhem. Then I sobered up.


Muawahhhhhh!


----------



## chest2head&glassy (Jul 2, 2002)

I'm thinking the Syrian treehugger hackers were behind these fishing forum hacks.


----------



## sand flea (Oct 24, 1999)

I don't believe this was an ideological attack from any organized group. Like I said, tons of forums got hit with this hack because of a vulnerability that wasn't patched. (If you run a forum elsewhere and haven't been hit yet, for the love of God make sure you haven't left any files in your /install/ folder. You do not want this mess.) These things happen from time to time. I'm just happy that we didn't appear to have any individual accounts compromised or have malware installed. Other sites have gotten hit much harder.


----------



## solid7 (Dec 31, 2010)

Will you be doing a vBulletin update in the near future?


----------



## sand flea (Oct 24, 1999)

solid, everything is patched and should be safe for now. I'm hanging back on upgrading to 5.x. Having some serious doubts about their future as a platform. They stopped innovating a long time ago, their release cycle is half-assed, and their commitment to security is sloppy. I'll definitely let y'all know before I make any major decisions though. We're on a stable release for the time being and things should chug along fine. I'd really like to return to the way P&S was back in the day, running a more magazine-style front page, but it takes a lot of time and money to crank out articles, not to mention the pain in the neck of running a content management system along with a forum. I'm all ears if anyone wants to suggest a better solution.

Alright, enough nerd stuff. Back to the fishing!


----------



## DANtheJDMan (Aug 29, 2012)

I thought I was loosing my mind until I saw this thread. I posted about a Star Stellar and looked today and it was gone like I never posted. Ok I'm a little slow.


----------



## NC KingFisher (Nov 20, 2011)

Scooter would have got it first, but he lost his glasses. As usual, they were behind the bengay


----------



## solid7 (Dec 31, 2010)

NC KingFisher said:


> Scooter would have got it first, but he lost his glasses. As usual, they were behind the bengay


You said "Shooter" and "bengay" in the same sentence. Sounds like a Little Johnny joke in the making. Even better yet, sounds like a new thread in the making.


----------



## dudeondacouch (Apr 6, 2010)

sand flea said:


> ...but it takes a lot of time and money to crank out articles...


Just let us write the articles. It'll go great, I swear!


----------



## ruddyduck (Nov 17, 2005)

Thanks for fixing the site and your time


----------



## fishhead (Oct 18, 2004)

Thanks for cleaning up the mess Matt!

The internet is a fragile critter, so enjoy it until it comes crashing down for good ... just saying


----------

