Forum Advisory

Discussion in 'Bukkit News' started by ZeldoKavira, Nov 13, 2016.

Thread Status:
Not open for further replies.
  1. Offline

    ZeldoKavira

    Sunday morning we had an unfortunate discovery and found that the front page of the site had been vandalized. We have no reason to believe your personal data, or passwords, were accessed.

    We’ve determined that a bad actor was able to compromise an administrator’s account. Using that account, they were able to edit templates and deface the front page of the site. As soon as we found out, we took immediate action to protect you, our users, and took the site offline.

    As a precaution, we’re taking additional measures to help prevent this type of defacement in the future. This includes, but is not limited to, resetting moderator and administrator accounts’ passwords.

    Thank you for your patience as we’ve worked through this today. Please reach out if you have any additional concerns.

    Thanks,
    Zeldo
     
    tjbruce, Wispyy and bwfcwalshy like this.
  2. Offline

    Marti201

    That's unfortunate :(
    Was BukkitDev affected in any way?
     
  3. Offline

    Lolmewn

    Again?! Just - how?
     
  4. @Marti201 No, BukkitDev is separate and was/is completely unaffected.
     
    Marti201 likes this.
  5. Offline

    mbaxter ʇıʞʞnq ɐ sɐɥ ı

    You really need to re-evaluate your password security training. This is not the first time.
     
    Last edited: Nov 13, 2016
  6. Offline

    Shaner_X

  7. Offline

    StealthBravo

    What I don't understand is why there are 10 accounts with admin privs; 3 of which haven't been active in over a year and 2 of those 3 being former Bukkit team members that will never be back. This is just asking for trouble.
     
  8. Offline

    Necrodoom_V2

    The last time an administrator's account got compromised we found out the login page was compromised, months later. Did you actually check the website for malicious data?
     
    coxie53, boomboompower and xize like this.
  9. Offline

    Tecno_Wizard

    @Necrodoom_V2, I was thinking the same thing.

    I have an insanely long password for this site, I never log in with my email anymore, and I always have Privacy Badger on when I view Bukkit now.

    When I finish my next plugin, I'm leaving Bukkit forever. Curse can't seem to get their act together with this site, and there are plenty of other mediums for connecting with the community than here. For goodness' sake, the time templates are still broken!
     
    coxie53 likes this.
  10. Offline

    C.L.

    So OurMine hacked us to test our security. Now someone on Spigot said that OurMine agreed to fix our security issues, too. Here's the quote:
    Is it true that OurMine is now helping to fix our security issues? Someone on Spigot also said they aren't some evil hack group.
     
  11. Offline

    Tecno_Wizard

    @C.L. OurMine is interesting.

    From what I know (assuming this was actually OurMine), OurMine is a "gray" hat hacking team that targets sites trying to sell their protection tools/assistance. I say "Gray" hat because while they say their intentions are good, I really don't believe that. True white hats don't deface sites, post as others, or do other malicious actions to networks. They are supposed to detect and report. No more. Doing things that harm the systems is precisely what white hats try to stop, and they are not doing that. Hence the term gray hat. I'd say they're closer to this shade, maybe darker.

    Again, all of this is assuming that it was actually OurMine that did this.

    As for Curse's response, I HIGHLY doubt they are using them for protection. They are simply jerks in my mind.

    Feel free to correct me if I am wrong, everyone.
     
    DoggyCode™, bwfcwalshy and C.L. like this.
  12. Offline

    Acharige

    I think you should consider archiving the forums and only leaving BukkitDev open.
    • Everyone knows Bukkit died, and has since moved to Spigot
    • This site is full of ads...
    • Forums are essentially dead
     
    coxie53 likes this.
  13. Offline

    Tecno_Wizard

    @Acharige we were talking about this in r/SpilledBukkit too. It might be time to put in the few months' notice.
     
    LordDarthBob, bwfcwalshy and Acharige like this.
  14. Offline

    Necrodoom_V2

    I'd have to mention that 'detect and report' was what was done the last time an exploit was found, and the reporter was completely ignored until he published the information publicly.

    @Acharige There's some purpose for these forums, for information about what happened about Bukkit and support for official CraftBukkit, but Curse is resisting any effort to that. In fact I STILL can't put a proper announcement on what happened to CraftBukkit without Curse removing it and saying the Bukkit project is on 'hiatus'.
     
    Acharige likes this.
  15. Offline

    MaxFireIce

    Hey, guys. Bukkit isn't that bad. They are doing the best they can and you can't exactly prevent hackers. Anything is possible when you put your mind to it, including hacking into things. It only happens a few times, and when it does happen it is resolved quickly. They are doing the best they can, guys. I want to see you guys run the show if you are so good at keeping hackers out. This community is amazing and there will be a lot of sad people if you shut it down. Don't judge too harshly on things out of anyone's control. If you don't like it then you don't have to be here telling the world how bad it is.
     
  16. Offline

    Tecno_Wizard

    @MaxFireIce I can see you're kind of new to the forums, so you don't know a lot of the history behind it. I completely get where you are coming from, however, we remember the days when these forums were in far better shape than they are today, and we're kind of upset that they haven't been maintained as well as they used to be. As far as I can remember back, we've never had these kinds of hacking issues before or other issues with the forum services (DevBukkit account linking, the 2 year Javadoc hiatus [ask anyone about that]). That's all.

    We really do appreciate what Curse has done, but we are used to the days when the community ran the forums. Things went a lot more smoothly then.

    Then there's the issue that Spigot has become the somewhat official (sorry Necro) developer of the Bukkit API and CraftBukkit. Spigot really is the lead forum for Bukkit now, and we feel that these forums just don't have a reason to exist anymore.

    *Goes and turns off computer to avoid incoming hate, but I did my best to be as honest yet polite about it as I could*
     
    Aluiomeb, boomboompower, xize and 2 others like this.
  17. Offline

    MaxFireIce

    If Bukkit used to be run by the community rather than Curse, then I can see where all of this is coming from.
     
  18. Offline

    Necrodoom_V2

    @MaxFireIce Yep. To make it worse, it was done by force, as Mojang overreached their legal ownership and had Curse kick off Evilseph and delete things they didn't like.
     
  19. Offline

    MaxFireIce

  20. Offline

    LordDarthBob

    Should we make an info-thread in Offtopic for the subreddit? Might help people find it if they haven't already, or people who stumble on after the entire forum has been archived.
     
  21. Offline

    xize

    Sorry to ask, but I'm missing some information.

    What was the intention of their defacement? To spread malware? Or to place a text?

    If it is malware, some users may definitely be at risk for their passwords.
     
  22. Offline

    C.L.

    @xize Whatever their reason was, it's stupid. Basically advertising their stuff in a brute-force way is what I'm guessing. Then their methods of advertising by defacing a website definitely won't get Bukkit to buy their shit! Because if you want someone to buy from you, you don't destroy their property? That's just common sense. @OurMine go fukkit somewhere else!
     
  23. Offline

    boomboompower

    Do you even have any evidence it was OurMine? It is possible for someone not in OurMine to do this and say it was OurMine.

    What if it was posted on Spigot?
     
    zackxoxo and moshimonsters like this.
  24. Offline

    Necrodoom_V2

    @boomboompower Spigot is not an approved or legal developer of CraftBukkit, I do not care about what they post.
     
  25. Offline

    boomboompower

    I meant you could say what happened to CB there. Curse wouldn't remove it.
     
  26. Offline

    Necrodoom_V2

    @boomboompower Considering Spigot's legal claim depends on that they pretend they never had a second DMCA sent against them and usage of a safe-haven host, my post will still be removed, only based on Spigot's agenda rather than Curse.
     
  27. Offline

    UnseenMC

    Exactly.
    Bukkit is dying and this is the main reason.
    There are less than half a dozen active staff while Spigot has more than a dozen active, good and efficient staff.
    Please protect us all by deleting the 5 inactive admin accounts.
     
  28. Offline

    mbaxter ʇıʞʞnq ɐ sɐɥ ı

    There are plenty of reasons this community has less activity than when it was the place of active server mod development, but "there are too many people with admin access!" isn't one of them.
     
    renuvasouth likes this.
  29. Offline

    Zombie_Striker

    Also, it isn't that there are too many people with admin access, it is that there are inactive accounts that have admin access.
     
    renuvasouth likes this.