Wayne
04-21-2009, 02:04 PM
Its been an eventful day or two to put it mildly. The short version is that all my sites that I run were hacked about 24 hours ago along with my twitter account. There have been hacks before (in fact it was someone hacking and infecting the quickstart videos on dashdotslash that instigated mudboxhubs' creation and opening in less than 24 hours orginally way back), but nothing as distructive as this one.
All in all 5 domains were affected:
DashDotSlash.net
DashDotSlash.info
MudboxHub.com
BeastForge.com
TheBeastForge.com
(Those last two are co owned by myself and Glen Southern for times when we do work together).
This time around a real number was done on us...without going into too many details, this was a professionally done hack and not just some little johnny with back orifice or netbus..... Everything ended up being infected with malware and worse...to compound matters as soon as the googlebot saw this they put a large red warning on the site. (Which is still on the other domains as they have yet to be sorted out again.)
So the only action left to take as soon as we found out was to close mudboxhub to keep our users as safe as we could until we found a way back. That proved to be quite hard.... luckily all the videos are safe on hard copy on my drive so those wil not be gone for long. On dashdotslash.net for example (my 'work' site, 7 years of highly optimised behind the scenes code was ruined.... so as it'd take too long to redo the entire backend I'll be forced to redesign the whole site again..any volenteers give me a shout lol)
This hack also meant that it became obvious that there was another large security loophole caused by our old forum software. Cris Robson (no relation) who runs 3D Palace came to the rescue with a copy of this forum software that we have until the license runs out in july. The bottom line is that the site must pay for itself by that time or we may be forced to close. But rest assured I'll do all within my power to keep this place open.
New Feature #1: User Gallery's
Every registered user now has the ablity to have their own user gallery to store their images in. The only rule is that if you stick them in gallery here...you must post them here if you wish to use the link elsewhere. (Just as a measure so that bandwidth doesn't get eten away on non mudbox stuff that never see's a forum post here.)
What this has done is meant I can now bring in some new features I had planned for a future point forward a bit. I'll outline those as they are implemented...I'll leave some as a suprise although its no secret that all the ground up and quickstart vids will eventually be available in high res here on MudboxHub.com. But that is not all thats planned.
I would urge you to bare with us while we sort out the forum software to add a top row and make it a bit nicer to use. I can promise that we're doing our best in a very hard situation. I would also advise all users for their own piece of mind to do a full virus scan. We're 90% sure nothing reached any end users...but its always best to play safe.
So who did it? Well if I could prove it I'd not be sitting here typing about it. But the golden rule when investigating hacks like this is to ask yourself one question: 'who would benefit by mudboxhub disapearing along with the Mudbox QuickStart videos and information source that the forum was ? The list isn't very long....
Wayne
PS ..and yes I am very bloody angry....but I wont be pushed around by bullies. Each time they take us down we will come back bigger and stronger util they get the message.
All in all 5 domains were affected:
DashDotSlash.net
DashDotSlash.info
MudboxHub.com
BeastForge.com
TheBeastForge.com
(Those last two are co owned by myself and Glen Southern for times when we do work together).
This time around a real number was done on us...without going into too many details, this was a professionally done hack and not just some little johnny with back orifice or netbus..... Everything ended up being infected with malware and worse...to compound matters as soon as the googlebot saw this they put a large red warning on the site. (Which is still on the other domains as they have yet to be sorted out again.)
So the only action left to take as soon as we found out was to close mudboxhub to keep our users as safe as we could until we found a way back. That proved to be quite hard.... luckily all the videos are safe on hard copy on my drive so those wil not be gone for long. On dashdotslash.net for example (my 'work' site, 7 years of highly optimised behind the scenes code was ruined.... so as it'd take too long to redo the entire backend I'll be forced to redesign the whole site again..any volenteers give me a shout lol)
This hack also meant that it became obvious that there was another large security loophole caused by our old forum software. Cris Robson (no relation) who runs 3D Palace came to the rescue with a copy of this forum software that we have until the license runs out in july. The bottom line is that the site must pay for itself by that time or we may be forced to close. But rest assured I'll do all within my power to keep this place open.
New Feature #1: User Gallery's
Every registered user now has the ablity to have their own user gallery to store their images in. The only rule is that if you stick them in gallery here...you must post them here if you wish to use the link elsewhere. (Just as a measure so that bandwidth doesn't get eten away on non mudbox stuff that never see's a forum post here.)
What this has done is meant I can now bring in some new features I had planned for a future point forward a bit. I'll outline those as they are implemented...I'll leave some as a suprise although its no secret that all the ground up and quickstart vids will eventually be available in high res here on MudboxHub.com. But that is not all thats planned.
I would urge you to bare with us while we sort out the forum software to add a top row and make it a bit nicer to use. I can promise that we're doing our best in a very hard situation. I would also advise all users for their own piece of mind to do a full virus scan. We're 90% sure nothing reached any end users...but its always best to play safe.
So who did it? Well if I could prove it I'd not be sitting here typing about it. But the golden rule when investigating hacks like this is to ask yourself one question: 'who would benefit by mudboxhub disapearing along with the Mudbox QuickStart videos and information source that the forum was ? The list isn't very long....
Wayne
PS ..and yes I am very bloody angry....but I wont be pushed around by bullies. Each time they take us down we will come back bigger and stronger util they get the message.