Jump to content

Is KSP Hacked?

pandaman

By pandaman
in Kerbal Network

 Share

Recommended Posts

pandaman

pandaman

Posted
Posted

@KasperVld Sorry Kasper, yours was the first/most appropriate name I could think of quickly, hope you are the right guy to flag.

I just picked up this email, On checking the forum Announcements thread  I can see no sign of it.  My hunch is that its at best a hoax, but potentially a dangerous nasty link thingummyjig

I don't know how true or serious it is, but figured at the very least people should be made aware just in case there is an issue...
 

Any official news /comments on this?

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

You might want to remove some of that information, someone might get to your email.  Also, this belongs in Kerbal Network.  I have received no such emails, and is it possible that this was sent from a different email than the forums, and disguised as it?

Link to comment
Share on other sites
Red Iron Crown

Red Iron Crown

Posted
Posted

One of our forum moderators had his login credentials compromised today. His account privileges have been removed until we get it sorted out. There is no evidence that the forum database has been compromised, regular moderators do not have those sorts of privileges.

In the meantime, if you have received any unusual PMs from a moderator, please hit the report button for us and we'll look into it.

If you are feeling sufficiently paranoid, go ahead and change your forum password.

Link to comment
Share on other sites
Guest

Guest

Posted
Posted

I'm at loss of words.

Why would someone hack KSP Forums? I mean like, really. What's the point.

There is probably 0 relevant personal info here. The most important things you'd have are the Science Labs threads, and they're public.

Link to comment
Share on other sites
tetryds

tetryds

Posted
Posted

Just to make things clear, this was an isolated case, the forums were not hacked, it was just the account of one of the moderators and it got grounded before any damage could have been done.
Even if something worse happened, the forum has backups and IPS4 provides us ways to track and undo most (if not all) of the actions taken by a normal moderator without the need to access the backed up data.

Link to comment
Share on other sites
fchurca

fchurca

Posted
Posted (edited)
52 minutes ago, Aperture Science said:

I'm at loss of words.

Why would someone hack KSP Forums? I mean like, really. What's the point.

There is probably 0 relevant personal info here. The most important things you'd have are the Science Labs threads, and they're public.

Mandatory XKCD reference: /792/

Quote

Bam, you've got a few million emails, default usernames, and passwords. Tons of people use one password, strong or not, for most accounts. Use the list and some proxies to try automated logins to the 20 or 30 most popular sites, plus banks and PayPal and such. You've now got a few hundred thousand real identities on a few dozen services, and nobody suspects a thing.

Spoiler

password_reuse.png

 

Edited by fchurca
Link to comment
Share on other sites
smjjames

smjjames

Posted
Posted
7 hours ago, Red Iron Crown said:

One of our forum moderators had his login credentials compromised today. His account privileges have been removed until we get it sorted out. There is no evidence that the forum database has been compromised, regular moderators do not have those sorts of privileges.

In the meantime, if you have received any unusual PMs from a moderator, please hit the report button for us and we'll look into it.

If you are feeling sufficiently paranoid, go ahead and change your forum password.

That could explain that odd thread earlier today in the announcements section that said 'HACKED', but when I tried to go to it, I got a message saying that I didn't have permission to view it, or perhaps it got deleted right when I tried to look at it as it disappeared after that.

Haven't gotten anything wierd on my end though.

Link to comment
Share on other sites
DuoDex

DuoDex

Posted
Posted
2 hours ago, AlextheBodacious said:

Out of an intense curiosity and lack of restraint, in the most non-rule-breaking way possible, whose account was it?

And I've obviously not gotten any weird email either...

That would be telling, I'm afraid.

Link to comment
Share on other sites
smjjames

smjjames

Posted
Posted
2 hours ago, AlextheBodacious said:

Out of an intense curiosity and lack of restraint, in the most non-rule-breaking way possible, whose account was it?

And I've obviously not gotten any weird email either...

Nobody's going to be saying because it's a private matter.

Link to comment
Share on other sites
  • 1 month later...
cantab

cantab

Posted
Posted

In the realms of being harsh, the forum rules themselves state:

4.1 User responsibility

A user is responsible for the security of his or her own account. As a result, any action that takes place with an account will be considered the responsibility of the user who uses the account.[/quote]

Of course, it's up to Squad how to interpret that rule.

Personally I feel that no matter how good any of us think we are at computer security, we are all vulnerable. There are so many ways for the Bad Guys to attack, and they only need to succeed once. The best we can do is damage limitation. I got caught by an eBay/Paypal phishing email myself some years ago, it wasn't even very sophisticated but I just didn't notice the wrong website address until just after I'd entered my login. I was lucky that I noticed it then and changed my password right away.

Link to comment
Share on other sites
kiwi1960

kiwi1960

Posted
Posted (edited)
18 minutes ago, cantab said:

In the realms of being harsh, the forum rules themselves state:

 

Yes, except if a moderator get hacked and our data is compromised, then who is to blame then? We did all that was fair to protect our data, but what if its partly an inside job. In this case, Squad must shoulder a lot of the blame had this been a lot worse.

Edited by kiwi1960
Link to comment
Share on other sites
Red Iron Crown

Red Iron Crown

Posted
Posted

There's no indication that any data has been compromised, and regular moderators don't have access to anything really sensitive.

Once the compromise was detected the account was immediately frozen and had its moderator privileges revoked while we got it sorted out.

"Hacks" like this happen, and can happen even if people are careful. 

Link to comment
Share on other sites
jwenting

jwenting

Posted
Posted
56 minutes ago, kiwi1960 said:

Yes, except if a moderator get hacked and our data is compromised, then who is to blame then? We did all that was fair to protect our data, but what if its partly an inside job. In this case, Squad must shoulder a lot of the blame had this been a lot worse.

except that moderators have no access to account information for any users, no more than regular users do. While a compromised moderator account could do damage, it's only to the content of the forum (vandalizing and deleting posts, banning users), they can't get to passwords.

Link to comment
Share on other sites
diomedea

diomedea

Posted
Posted

I've looked into the activity of the hacker who compromised the account and then made the statement. Was quite interesting, as he really shows to be committing such misdoings regularly. He entertains himself with a network of his siblings, where a sort of commerce in cracked passwords databases is common practice.

However, having checked that, I came to the conclusion that was the way he used to get into the private e-mail and from there into the moderator account, but he could definitely not have gained any access to the real KSP database from there.

You know, only admins have access to the database (and not all functions). Mere moderators don't, and therefore can't download any portion of the database for their own use. But not even admins have access to the passwords, those are actually hashed (using some advanced protection techniques, such as salting, so the usual brute-force attacks won't reveal anything). Nobody can actually retrieve the passwords used, and that's why, in case any user needs help with a lost password, we can only start the procedure for the system to issue a new one instead.

To actually be able to provide KSP passwords, a hacker should 1) be able to download the passwords database from the system (impossible to moderators); 2)  know the salt used with the hash function (that's secret, internal to the system); 3) make a brute-force attack (it uses a dictionary of possible passwords and tries them all with the hashes in the database, hoping to find some correspondence; unusual passwords are not in the dictionary and are very difficult to guess even after the hash function is cracked with those from the dictionary. Or, by having luck, it could be possible to find the password a person uses with a less protected account, and find that same password also opens his KSP account.

Should this sound like an advice to users about better securing their passwords? well yes, it's best practice when it comes to passwords to:

- use very unusual ones, better if formed with all kinds of character types (upppercase, lowercase, digits, special), at least 12 character long, and without any resemblance to your publicly accessible data;

- never use the same password with more than one site;

- when changing password, use something very different from the ones used before.

Link to comment
Share on other sites
kiwi1960

kiwi1960

Posted
Posted

I was being harsh, but since we are debating this, lets me just add this.... (because its better to be wary than it is is to be overly confident...)

This is STILL a hacker we are talking about here, and its STILL a moderators account we are talking about here. A moderator STILL has more access than a lowly member of this site, so having had a moderators account hacked automatically gives him more access to begin with... if the hacker then wishes to continue hacking, as they do, them he has a head start if say, my account had been hacked.

Unless you are a black hat hacker and know which crew he is with, then you really have no idea what they have done to prepare the way for a future hack. These people don't stop at the front door, look around, leave a note and leave.... they like to come back later and have a preprepared way in.

Having said that.... he may well have been a grey hat hacker in a very good mood, or a white hat hacker.... meaning, they consider hacking a way to help YOU test your defences (or that of the moderator!)

OR.... as @diomedea said, the data came from a previously stolen database, the it could have been just some punk kid we would refer to as a 'script kiddie'

Just be very sure that he wasn't in any way "black" before sounding the all clear sirens. While this site might not have been the original target, it IS now collateral damage and on someone's radar. They could decide to come back with a crowbar and force open the front door. :(

have a very nice day.... and lets hope the moderators have it covered! :)

P.S. as the moderator violated rule 4.1 then does he get a telling off? Sure as hell if it was me, I would have been warned multiple times. :)

 

Link to comment
Share on other sites
Red Iron Crown

Red Iron Crown

Posted
Posted
1 hour ago, kiwi1960 said:

P.S. as the moderator violated rule 4.1 then does he get a telling off? 

We handle such things internally and don't discuss details of them publicly, just as we don't discuss details of moderation of regular members publicly.

As for the rest of your post:

  • Moderators have less access than you seem to think.
  • The account in question was used on the forum by the "hacker" for less than ten minutes.
  • The activity log of the moderator was reviewed by the admins, no moderation privileges were used.
  • The "hacker" used the account to post a thread claiming they had things that were impossible for them to have (indeed, impossible for an administrator to have) and trying to sell those things.

While I understand your concerns about security, please be assured that the situation has been reviewed thoroughly and their is no evidence of any serious breach. If you are not sufficiently comforted by this feel free to change your email and password.

Link to comment
Share on other sites
kiwi1960

kiwi1960

Posted
Posted
58 minutes ago, Red Iron Crown said:

We handle such things internally and don't discuss details of them publicly, just as we don't discuss details of moderation of regular members publicly.

As for the rest of your post:

  • Moderators have less access than you seem to think.
  • The account in question was used on the forum by the "hacker" for less than ten minutes.
  • The activity log of the moderator was reviewed by the admins, no moderation privileges were used.
  • The "hacker" used the account to post a thread claiming they had things that were impossible for them to have (indeed, impossible for an administrator to have) and trying to sell those things.

While I understand your concerns about security, please be assured that the situation has been reviewed thoroughly and their is no evidence of any serious breach. If you are not sufficiently comforted by this feel free to change your email and password.

I shall accept your statement and allow the matter to die a nice death (which is what I wanted 30 seconds after I made my first post here, but I speak my mind and always regret it seconds later!)

:)

 

29 minutes ago, WinkAllKerb'' said:

is there any single game not "hacked" today ?

. . .

This isn't a game, its a forums... did you not know? :)

 

Link to comment
Share on other sites
WinkAllKerb''

WinkAllKerb''

Posted
Posted (edited)

it's more a concept, agora often discuss about concept

so ... + size 72 + underlined + strike + bold + italic = ?

you don't like concept ? what are you(we) doing here ? (not aimed) @false aim too generic miroring aim

(food for thought)

why i "camp" the subforum an rarely post elsewhere ... peoples are never happy with what i m saying.

because "mirror"

did i broke a mirror and get permabanned, from my "autistic spectrum fiber" stand point that's pretty irrelevant

.

.

.

autist you should must not talk ... well oki ... let's don't talk then ... not even allowed to try to tlak with others ... cool ... me happy a lot ...

Edited by WinkAllKerb''
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...