Email from Suikosource about being hacked I think......

A place for members to ask moderators and admins any questions regarding forum rules and maybe even suggestions for the site!
Post Reply
User avatar
Jocky
Posts: 150
Joined: Fri Nov 01, 2013 12:48 am
Location: Scotland

Email from Suikosource about being hacked I think......

Post by Jocky »

I received an email from the Suikosource forums tonight saying that the site had been hacked and that I should change my password (At least that's what I think it says, its a bit weird). Can anyone else confirm or deny that this is the case? Or has anyone else received a similar message?
Here is the content of the email:
haxx0rd

The following is an email sent to you by an administrator of "Suikosource". If this message is spam, contains abusive or other comments you find offensive please contact the webmaster of the board at the following address:
http://www.suikosource.com/phpBB3/membe ... ntactadmin

Include this full email (particularly the headers).

Message sent to you follows:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

seit has bien haxx0rddd
pl0x change pw for all accs

_
Thanks, The Management
The above 2 lines "seit has bien haxx0rddd, pl0x change pw for all accs" is exactly how it appears in the email and I assume it's meant to say "site has been hacked, please change password for all accounts", unless this is utter garbage and I have been tricked. Can anyone help me out here? Is this indeed legit?

Cheers. J
User avatar
EstrangedIX
Posts: 324
Joined: Mon Jul 04, 2011 3:30 pm

Re: Email from Suikosource about being hacked I think......

Post by EstrangedIX »

I got it as well, horrible spelling and all.
Sent from my Ono-Sendai Cyberspace 7 - Break the ICE
User avatar
Royal
Posts: 22
Joined: Sun Jun 27, 2004 11:36 pm
Location: Arlington Heights, IL

Re: Email from Suikosource about being hacked I think......

Post by Royal »

Same here. Didn't look like a phishing e-mail, since I didn't see anything embedded in it and the only URL in it looks clean.

Still, I'm going to be very careful around this site until we hear something from one of the admins. (And I'll be changing my password to something new, regardless.)
User avatar
Jocky
Posts: 150
Joined: Fri Nov 01, 2013 12:48 am
Location: Scotland

Re: Email from Suikosource about being hacked I think......

Post by Jocky »

Yeah, it looked legit enough. The sender was forums@suikosource.com and the link further down the email takes you to the admin contact page for the SS Forums which again, looks real. To be on the safe side though, I logged in to my profile page and changed my password to something obscure just in case the site has indeed been hacked and they have access to the NEW passwords as well.
I hope an admin can comment on this soon to shed some light on what's going on! I love suikosource, and every few months when I have another run through of 1 of the games this is my first port of call. I'd hate it if anything happened to this place!
User avatar
gildedtalon
Posts: 1343
Joined: Thu Mar 18, 2010 12:15 am

Re: Email from Suikosource about being hacked I think......

Post by gildedtalon »

same here, I got the email with the exact same contents :(
My GameFAQs account now is SheenavsKilley
I already closed gildedtalon, my old account
User avatar
Belle
Posts: 314
Joined: Tue Jul 27, 2004 7:49 pm

Re: Email from Suikosource about being hacked I think......

Post by Belle »

I just got it too...

Ha! Leave it to a "hack" to bring me back here.
User avatar
Jocky
Posts: 150
Joined: Fri Nov 01, 2013 12:48 am
Location: Scotland

Re: Email from Suikosource about being hacked I think......

Post by Jocky »

Belle wrote:I just got it too...

Ha! Leave it to a "hack" to bring me back here.
Yeah, I know what you mean. It's been a while since I've been here as well and I gotta say, I was excited to see an email in my inbox from Suikosource! It sucks that I'm here under these circumstances......
Burnt Lasagna
Posts: 10
Joined: Wed Dec 18, 2013 3:12 pm

Re: Email from Suikosource about being hacked I think......

Post by Burnt Lasagna »

Got it also...forgot I had an account here. :)
Skrybe
Posts: 28
Joined: Thu Dec 30, 2004 7:44 pm

Re: Email from Suikosource about being hacked I think......

Post by Skrybe »

Jocky wrote:It's been a while since I've been here as well and I gotta say, I was excited to see an email in my inbox from Suikosource!
Same here!

For what it's worth, the email does look like it was legitimately sent through the board's email system. The full header references sandwich.net, which seems to be where Suikosource is registered and hosted.
Calculus
Global Admin
Posts: 5
Joined: Sun Mar 13, 2016 8:27 pm

Re: Email from Suikosource about being hacked I think......

Post by Calculus »

Hi, folks. I'm James from Sandwich.Net, Suikosource's Web host. The site owner let us know about these e-mails, and it does look like Suikosource was breached. We're helping out as much as we can, and either s/he or I should be in touch soon with more of an explanation. Most importantly: if you used your Suikosource password anywhere else (even with a different username), please change it ASAP.
Omnigamer
Posts: 324
Joined: Wed Feb 13, 2013 11:48 am

Re: Email from Suikosource about being hacked I think......

Post by Omnigamer »

How was user information stored host-side? Were passwords held in plaintext or hashed?
User avatar
Jocky
Posts: 150
Joined: Fri Nov 01, 2013 12:48 am
Location: Scotland

Re: Email from Suikosource about being hacked I think......

Post by Jocky »

I changed my password to something new 15 minutes after I got that email to be on the safe side, and now the SS login page says it is incorrect. So I had to use the reset link to change it AGAIN!
I hope to hell I'm wrong here but does that mean that whoever breached the site still has access to all our information? If so, is there any point in changing our passwords until this is fixed? I truly hope I was just being a tard and had misspelled it several times, but I get the distinct feeling that that isn't the case......
User avatar
EstrangedIX
Posts: 324
Joined: Mon Jul 04, 2011 3:30 pm

Re: Email from Suikosource about being hacked I think......

Post by EstrangedIX »

It did that to me as well, when I tried coming back to change it. Wouldn't let me sign in, so I had to reset it. Hopefully that's just a side effect of whatever is being done to fix things.
Sent from my Ono-Sendai Cyberspace 7 - Break the ICE
User avatar
Vextor
Global Admin
Posts: 1866
Joined: Sun Jun 27, 2004 2:45 am
Location: Japan
Contact:

Re: Email from Suikosource about being hacked I think......

Post by Vextor »

Seems like a relatively benign hacker got in using some sort of exploit (likely phpBB) to get into an admin account to send out a mass e-mail to all members.
All passwords in phpBB are encrypted (and the encoding is generally impossilble to decrypt-- likely there was some exploit that allowed the hacker to enter an account without inputting the password at all. At the moment the site has been backed up and I am discussing with Calculus options to secure the site a bit more.
And yes, all passwords have been reset as a precaution, so everyone would have to register a new one.

Although phpBB is the likely cause, this site is very old and has some old code floating around which can also be exploited. Honestly, some parts of the site even I don't know much about; especially the private folders of previous admins and whatnot are a labyrinth of various scripts that are disconnected from the main site.

Unfortunately, I have limited time to handle issues of this kind-- I will likely need to commission professional help to contain this problem. Hopefully this site can be preserved as much as possible.
User avatar
sticky-runes
Posts: 1939
Joined: Wed Nov 14, 2012 2:29 pm

Re: Email from Suikosource about being hacked I think......

Post by sticky-runes »

I got it too, but I didn't open it, but I was logged out of the site when I visited today (I always have it remember my login) so I don't know if that will cause me any problems?

So, you other guys are still using this site, then...
Post Reply