Welcome to our forum!

Do you want to become a member of our community? Join our forums now!

Register
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Discussion in 'Updates and announcements' started by JelleDRC, Sep 25, 2016.

Thread Status:
Not open for further replies.
  1. JelleDRC Server Owner Staff Member Server Owner

    Offline
    Joined:
    Sep 23, 2012
    Messages:
    4,833
    Hi DRCers

    First of all, NONE of your details have been breached, and your passwords and accounts are all safe.

    Let's start at the beginning.
    They got access to an administrator account (Nobody4life).

    How?
    (Start speculation)
    They downloaded a leaked database with plaintext passwords from the web.
    Due to this, they found out that nobody4life had the same password here.
    (Stop speculation)

    They logged in on the forums and started deleting everything and sending mails with the mass-mail feature of Xenforo.
    Nobody4life also had the same password on the MINECRAFT server, which gave them also full access on the MINECRAFT server itself. They started giving their friends access and it didn't take long for the server to be griefed.

    What?
    They deleted tons of things on the forums and destroyed things ingame. Luckily I have backups and nothing important has been lost.
    They also used the mass-mail feature of Xenforo, therefor tons of you received an email that we had been hacked, and threatening you that you have to follow them on Twitter or you might be next.
    Let me say this straight on: NO data has been breached. They didn't even know your email address when sending you that email. They just used a feature that is built-in in Xenforo.

    If you have any questions, feel free to ask them below.
    Kind regards
    Jelle
     
    Last edited: Sep 25, 2016
    #1
    • Like x 7
    • Winner x 5
    • Informative x 4
    • Funny x 1
    • Optimistic x 1
  2. Nobody4life Obsidian Miner Staff Member Forum Moderator

    Offline
    Joined:
    Oct 17, 2012
    Messages:
    1,361
    I think it is very important everybody does know how this happened and why they targeted me. Being open about things like this are very important for me:

    People will always hate what they can't control/ change, what is better than what they are able to create or be a part of.
    Why me?
    Chance is that they tried other staffmembers first or Jelle but weren't able to get in that way. I was less lucky.
    Does that mean that my personal password got "guessed"?
    Of Course not, but it must have been leaked somewhere. A lot of sites (small and big ones) have a really bad security in their database (not DRC). You hear it on the news at least every month. Some site users date got leaked. I must have been on one of those site before and used the same pw like here (not smart but hey people do make mistakes).
    Then it is just searching on the correct sites for people their info and viola you are a, what they will call them self, a hacker.

    Once they were in they could not reach all the personal information of every player, immagine how secure it would be if the could, so nothing has been leaked.

    Will things like this happen again?
    You will never be able to say no to a question like that, people (or bots) are probably trying again this current moment but you can prevent it as much as possible so no, the chances of it happening again are very small.
     
    #2
    • Like Like x 3
    • Friendly Friendly x 1
  3. Hugh Mungus Builder Builder

    Offline
    Joined:
    Oct 11, 2013
    Messages:
    1,445
    funny to see that people like this still hack drc, they will not make it anywhere in life
     
    #3
    • Like Like x 2
    • Agree Agree x 2
    • Funny Funny x 1
  4. KostasTheGrand2!!! Newbie DRC Player

    Offline
    Joined:
    Jul 30, 2016
    Messages:
    5
    what
    --- This message was merged, Sep 25, 2016 ---
    why this noobs do this ,this guys cant hack emails?,
     
    #4
  5. ggwp Gold Miner DRC Veteran

    Offline
    Joined:
    Sep 26, 2015
    Messages:
    171
    did the hackers get caught?
     
    #5
  6. JelleDRC Server Owner Staff Member Server Owner

    Offline
    Joined:
    Sep 23, 2012
    Messages:
    4,833
    We cannot do anything about this. We have their nicknames and VPN IP addresses, but that's about it.
     
    #6
  7. Hardskiller12 - Timo Event Team Event Team

    Offline
    Joined:
    Feb 27, 2014
    Messages:
    116
    It's obivious that these guys do this to enjoy themselve. It's a sad thing.
     
    #7
    • Agree Agree x 2
  8. koolmees71 Server Moderator Staff Member Server Moderator

    Offline
    Joined:
    Oct 14, 2012
    Messages:
    1,290
    There is no-one to be blamed but these sick minds. But, let this be a lesson to us all: don't use passwords twice, don't use passwords that are too easy. For the rest? If this is their only contribution to humanity, I am in favour of euthanization.
     
    #8
    • Agree Agree x 2
    • Funny Funny x 2
  9. xGreekGamerx Newbie DRC Veteran

    Offline
    Joined:
    Aug 9, 2015
    Messages:
    2
    How much long it's need to restore server? I want to play survival
     
    #9
    • Agree Agree x 1
  10. KostasTheGrand2!!! Newbie DRC Player

    Offline
    Joined:
    Jul 30, 2016
    Messages:
    5
    ok ok its back

    survial back
     
    #10
  11. thommy_99 Obsidian Miner DRC Veteran

    Offline
    Joined:
    Mar 27, 2013
    Messages:
    1,216
    It feels like south park season 20. These idiots must be so proud
     
    #11
    • Agree Agree x 1
    • Funny Funny x 1
  12. MeMatty Event Team Event Team

    Offline
    Joined:
    Feb 21, 2014
    Messages:
    1,693
    Can't you sue them?
     
    #12
  13. thommy_99 Obsidian Miner DRC Veteran

    Offline
    Joined:
    Mar 27, 2013
    Messages:
    1,216
    We are drc, not scientology
     
    #13
    • Funny Funny x 1
  14. JohnSenpaiYT/Laharl927 Gold Miner DRC Veteran

    Offline
    Joined:
    Oct 5, 2015
    Messages:
    168
    Damm hackers harming DRC even I don't play too much minecraft this past few months I hope they get a insta karma for doing that lawl... BTW are the hackers ban? you said they starting giving away something (I meant the player that they giving up somethings) well can't wait for my Christmas vaca.
     
    #14
  15. Reynout123 Server Admin Staff Member Server Admin

    Offline
    Joined:
    Oct 26, 2012
    Messages:
    2,907
    They are banned.

    All servers are back online.

    Like Jelle said:

    We don't have any personal info about them. So it's impossible to sue them.
     
    #15
  16. Boins Gold Miner DRC Veteran

    Offline
    Joined:
    Aug 23, 2013
    Messages:
    215
    And those evil hackers changed Reynhout his profile pic with one from when he was like 12yo :o


    and seriously, banning is not an option, go to the police with the vpn ip adress & nickname. Hacking is illegal even when kids do it !!!
     
    #16
    • Agree Agree x 2
    • Like Like x 1
    • Funny Funny x 1
  17. GigantDude Event Team Event Team

    Offline
    Joined:
    Aug 20, 2014
    Messages:
    389
    Im no expert in Computers etc but there are things to let your IP adress and VPN change every minute or so?
    If thats the case its competly useless.
     
    #17
  18. Flippylosaurus Hunter DRC Player

    Offline
    Joined:
    Jan 24, 2016
    Messages:
    26
    @Nobody4life, have you already run your mail through https://haveibeenpwned.com? might tell you something about where your password was leaked.

    also @JelleDRC, no need to wipe my account, it's all OK. I presume you already ran the IP's through whois and such.
    --- This message was merged, Sep 25, 2016 ---
    They probably use a anonymous VPN in a foreign country. In *most* cases there's nothing you can do. I did hear from a friend of mine that his server got hacked and he got a response from the VPN company in 3 hours with information about the VPN user.
     
    #18
  19. aboody Hunter DRC Player

    Offline
    Joined:
    Jun 6, 2016
    Messages:
    25
    they r not even hackers just loosers trying to be cool curse them all in one place ... u guys should be extra careful
     
    #19
  20. Anesitas Server Admin Staff Member Server Admin

    Offline
    Joined:
    Jul 1, 2013
    Messages:
    2,860
    Sometimes I wonder how some of our 'experts' gathered their intel, we need to shutdown those sites asap. Else within 10 minutes everyone thinks he has knowledge..
    VPN companies will ban the user if you report them. However, they are not allowed to share private info. That would make their services illegal. So please...
     
    #20
Thread Status:
Not open for further replies.