Compromised Moderator Login; your data is safe though

The_J (Administrator)
The short version of today's events:
What happened: A moderator's account was compromised
Did I get hacked? No, your data is safe and not at risk.
Have you fixed everything? No, not yet.
How long will it take to fix everything? We TBH don't know.

The long version of what happened today:
Today's events were triggered when a single moderator account got compromised. This was a targeted attack at that moderator, although we don't understand why it was him specifically. Nobody else seems to have been targeted. The moderator probably had a weak password, which allowed the hacker to come in. This means that your data is safe, you do not need to change your password, or be worried about anything. Unless you have a weak password, but that is an issue which is not limited to CFC.
We do know more about the nature of this targeted attack. We recently had to permanently ban a senior member of the forum, as he alleged that the forum was used to groom children. Obviously nothing like pizzagate is happening here, and he failed to produce any evidence. He still went mental afterwards, and harassed us multiple times here in the forum and on social media (some people might recall events related to this). Today's attack was most likely him, as he banned multiple members with the accusation that they might be grooming children.
This background luckily tells us that this was targeted at specific members, and that the data of everyone else is safe.
We are still considering what we are doing right now with the fallout.
The hacker did mainly 3 things:
- He banned a couple of members. This has been reversed.
- He deleted and locked a bigger bunch of threads. This has been reversed.
- He took all the threads where someone most recently had posted in (that is in total 35, which corresponds to one forum page) and merged them into a single thread. These were threads which together have a couple of 10.000 posts, as e.g. the movie thread from OT or the permaban thread from the moderators forum were included. Lymond seems to have reconstructed 5 of these smaller threads (if I see that right), but the rest we cannot do manually, at least not fully, although we will certainly be able to recover the OPs. This has also affected a couple of download database resources which were connected to these threads. Thunderfall has asked XenForo if there is a solution for this, which does not include using a backup of the database. A database backup is run every 12h, and the last one was affected by the hack. XenForo support will most likely only be available tomorrow morning, at which point a database rollback will mean losing 36h of posts. We do not know if there is a good solution for this. The more time passes, the more unlikely this gets, and we definitely prefer another solution.

We will keep you updated on what is going to happen.
We are sorry for this situation, please bear with us.
 
That's pretty bad. Are there any solutions under consideration to improve the security on mod accounts in the future?
 
Sorry you're going through this. Thank you for your work in getting on top of it and for your transparency about the situation.
 
> That's pretty bad. Are there any solutions under consideration to improve the security on mod accounts in the future?

Many moderators have now activated 2-factor authentication.

> If 36 hours of posts might be lost, will this affect private messages?

Everything in the forum, including private messages, profile messages, any changes to settings, avatars, etc.
But as said, it is not clear if there is a better solution for this, and if we might not let some of the affected threads just stay where they are. It really depends, we cannot say yet.
 
> Many moderators have now activated 2-factor authentication.
>
> Everything in the forum, including private messages, profile messages, any changes to settings, avatars, etc.
> But as said, it is not clear if there is a better solution for this, and if we might not let some of the affected threads just stay where they are. It really depends, we cannot say yet.

36 hours backwards from when, though - tomorrow morning?

I've had a very active PM situation, and would not like to lose this conversation. Should we put it on hold now and save everything from the past couple of days?
 
Glad to know, my entire thread in release mods for the ai mod for civ 7 is gone. If it's lost, I guess I just add it back.
 
> 36 hours backwards from when, though - tomorrow morning?
>
> I've had a very active PM situation, and would not like to lose this conversation. Should we put it on hold now and save everything from the past couple of days?

Yes, 36h from tomorrow morning (CEST), or approx 24h from the current time.
If you want to be really safe about this, then yes, I would recommend.
More updates to come within the next 24h, but right now we don't know what is going to happen.

> Glad to know, my entire thread in release mods for the ai mod for civ 7 is gone. If it's lost, I guess I just add it back.

The thread is not lost, as all the posts are in a giant thread in the moderators forum.
Be assured we will find at least the opening posts of your thread and put them back into the forum, but we can't be sure to find all the posts.
Also here, more info to come within 24h.
 