Popular Irish web discussion forum boards.ie has reset user passwords in response to a hack attack that compromised member login credentials. The site was taken offline for several hours on Thursday. Tom Murphy, boards.ie's co-founder, blamed overseas crackers for a hack in a statement. In this attack, part of the database …
They should change their slogan...
From "now ye're talking" to "now ye're hacked"
Still down, Downtime more than a day now. Some other issue too?
How was it hacked?
Lots of people run VBulletin, Linux, MySQL & Apache, though I think they use 4 to 6 servers. Is it a general flaw or just something they didn't lock down properly?
Does that mean hashed with SHA/MD5 or "encrypted" using some shitty homebrew algorithm?
Hash vs. not encrypted isn't the be all and end all. Unless the hash is salted (say, feed the hasher username+password) you can just plop it through some rainbow tables to get the plaintext.
Or just try '123456', it'll probably* work :-)
SHA hashed with salt
... according to their faq yesterday anyway
More than a mere hack
Given that the site has been down for over 24 hours would lead me to think that there is a more serious issue here. The hackers have done alot more damage than b.ie are letting on.
I seriously doubt the Irish Police will find anyone for this. Too busy in the local garage with their jumbo breakfast rolls.
Jumped the shark ages ago
I stopped post on boards.ie some time ago. Since it got interested in money and sold a share to Daft.ie, I felt it changed the outlook of the owners of the site. There is less of a community spirit that it had in its early days. Coupled with that, its the "devil may care" attitude to active moderating that made boards less than useless.
The higher they climbe, the harder the fall.
Password changed, just...
..to be sure.
220,00 registered users?
Don't they mean 220,000 registered profiles?
Boards used to be a pretty fun place yeaaaaaaaaars ago but then a great purge happened.
Used to be a time when a lot of the people there were a lot of very interesting, amusing or otherwise nuts people on the board itself and on the irc channel, some of whom had been there from day one.
Then came a coup d'etat led by snotty mods with a school prefect mentality who figured we need to stop all this sillyness (unless it's one of our buddies, then it's ok) so we can instead be the sort of wholesome place where we can host ads for Digiweb and Eircom broadband.
The final straw for me was when they closed down the IRC channel because it was getting silly but greenlighted an entire forum based around mustard. It was about the same time when I, and all the people I knew on there, bailed out en-masse. Now I maybe go on there every 1-2 years if I want to sell a load of crap to some new generation boards lusers, young brats mostly, but that's about it. Another once-good community ruined.
So I can't really feel sorry for the boards people, and I'd be surprised if I'm the only one, but maybe, just maybe, they might want to shut down that Free Tibet forum.