My ATS Account just got hacked

a reply to: ArMaP

neither mods or admins have the tools to change members' avatars

The website administrator does have access to the website database and can change anything they want in it. With how many accounts got hacked in a short period of time comes across as someone messing with the record level data. With that kind of access, they can mess with anything they want. For now it is just a fun probing test. ATS getting owned by the USSR is hilarious.

Last I know, Darko got the keys. He let someone else in for a while to tidy things up. Been AWOL for a while now. Ghost helped the mods get in with the password/email reset. Is it a new actor?

originally posted by: kwaka
The website administrator does have access to the website database and can change anything they want in it. With how many accounts got hacked in a short period of time comes across as someone messing with the record level data.

I know that.
I also know that with database access they could have change everyone's avatar with just one command, but we didn't see that.
They could also change the avatar for anyone on a list of members with just one command, but we didn't see that.
They could change anything besides avatar, colours and signature, but they did not.

All of the above point to the hacker(s) only having access to the "account" page and nothing more.

originally posted by: yuppa

originally posted by: ArMaP

originally posted by: yuppa
Former MOD or admin access holder. very short list of those right?

Right, but neither mods or admins have the tools to change members' avatars, which means the way it was done was not via a normal procedure, which means that anyone, former mod/admin or not, could do it, as long as they could hack the account page.

[snip]

As far as I know, only one person had direct access to the database.

And, apparently, you missed one part, that I am going to repeat and bold:
"...which means that anyone, former mod/admin or not, could do it, as long as they could hack the account page"

a reply to: ArMaP

...which means that anyone, former mod/admin or not, could do it, as long as they could hack the account page"

Is this an adequate level of security? Has it always been this way?

a reply to: lilzazz

It's the same everywhere, as long as there are security flaws.

In this particular case I think it has existed for many years.

a reply to: ArMaP

"...which means that anyone, former mod/admin or not, could do it, as long as they could hack the account page"

There is only two places the breach could of happened. Either cracking each of the individual members account or cracking the website administration account.

With how it was only active members that where online at the time that got hit, it is much easier and more reasonable that the website administration account got hacked. To hack each of the online members account without website administration privilege would be a much more challenging task.

a reply to: ArMaP

All of the above point to the hacker(s) only having access to the "account" page and nothing more.

Does that mean only how accounts are displayed to logged on members? And not the passwords and email accounts?

For instance: Not logged in viewing of ATS threads don't show avatars or location or mood or signatures. So non-member guests to the site don't notice any difference any way.

Is there a different data base containing the password and email accounts? Because those show on the setting page also.

originally posted by: ArMaP
a reply to: lilzazz

It's the same everywhere, as long as there are security flaws.

In this particular case I think it has existed for many years.

Yep! Some hacker named "GHOST" would appear from time to time between (I think) 2019 and 2022. Ghost wasn't malicious. He/She just did things to show how smart he/she was.

a reply to: WeMustCare

Everybody logging off and running away scared, but if the user database were actually breached that wouldn't save you from anything. It'd be too little too late BUT...

I mean did anybody share their SSN or credit info on here? I hope not.

Worried someone gonna see your username on some tiny forum and throw you in the pit of despair?

Anybody waking up missing a kidney? Anybody care to share how they've been harmed? Anyone?

Man people freak out over silly things sometimes. But I get it, the internet and tech is scary if you're not fully educated.

Your personal data is already out there everywhere and can be misused at any time by bad actors.

I feel like logging off and leaving ATS is akin to using that chain link fence to stop mosquitos.

Oh and for the record, nobody has had their posts altered or edited, as I've seen rumors floating around.

Man nothing happened except a couple people got their avatar temporarily pranked.

originally posted by: kwaka
There is only two places the breach could of happened. Either cracking each of the individual members account or cracking the website administration account.

There's another way.

originally posted by: FullHeathen
Does that mean only how accounts are displayed to logged on members? And not the passwords and email accounts?

Sorry, I don't understand what you mean.

a reply to: ArMaP

Is there a different data base that contains the member email addresses and ATS login passwords?

It would make sense for there to be one since it would be used for sign-up purposes. And the auto email function isn't working, hence no new members.

The only thing being changed by hacker is visual display addons: (avatar, location, mood, signature)

We've covered about everything that needed to be covered.

Closed.