Rorroh's Blog

Just another WordPress.com weblog. Really. It is.

‘Tis the season — of hacking. December 22, 2010

Filed under: Hacking — Rorroh @ 10:27 pm
Tags: , , , , , , ,

‘Tis the season of hacking, it seems. There are multiple websites being targeted for various reasons:  PayPal, Amazon, Visa, FurAffinity, WikiLeaks.. the list goes on.  Seems to me that people have implicitly been given the “O.K.” to start doing this, even though it is illegal.  Still, many major websites are getting the butt-end of these attacks.

Of course, I use the term “hack” loosely.  In most cases, the attacks were simply “Distributed Denial of Service” (DDoS) attacks, which only cause a web server to be brought down, usually only temporarily, and usually require no hacking at all.  That said, they can cause massive damage to a server’s equipment.

This implicit “O.K.” seems to have stemmed from the attacks on WikiLeaks, which spurred many counter-attacks, including at least one on the the DoS’er going by the handle of “th3j35t3r.”  “th3j35t3r” is a “patriot hacker” that successfully brought down WikiLeaks using a tool that he calls “XerXes.”  Unlike DDoS’ing tools, XerXes seems to only need one person (Taking the first “D” off of “DDoS”).

As someone said not too long ago regarding this: “This is the sort of thing envisioned by the early hacker kids in the 80’s and 90’s. This is WarGames post-Cold War. This is the movie Hollywood couldn’t ever produce.”  This is completely right.  We are living in an era of “cyber warfare,” and we need to try to play it safe.  Secure your passwords, encrypt your connections, get behind 7 proxies.  The main groups of attackers are not trying to go after neutral users, but neither they nor I can speak for any rouges that could exploit this situation for their own personal gain.  Stay safe.

Now for the subject that seems to be in every FA user’s mind, of something that has happened very recently:
Note:  This is based on information that was personally gathered and I do not speak directly on behalf of FurAffinity or any of its administrators.  Treat this information as if you were reading it from a barely-known WordPress user’s blog post.

In FurAffinity’s case, there was hacking, and there was a breach of user accounts — but you can probably rest assured that your account was not compromised.  If I were you, I would change my password anyway.

The details are cloudy, but apparently there was a rape that occurred.  The victim, from what has been gathered, told.. someone (we’ll call him “Bob” for the sake of less confusion).. who found out that the rapist was a FurAffinity user.  Bob, out of rage towards the admins of FurAffinity, started what most have already figured out:  A sudden and seemingly well-coordinated attack on FurAffinity, allowing him to gain unauthorized access throughout the website.

With this access, he was able to leak out administrators’ notes and then go on to mess with several users’ galleries before finishing the job by launching a DDoS attack aimed at FurAffinity’s servers.  I’m not sure if this final attack was successful or not, but FurAffinity seems to be getting back on its feet quite nicely.  The software is currently being checked for more security holes, hopefully enough that any large vulnerabilities can be patched to prevent another epidemic.

The official report by FurAffinity’s Dragoneer can be found here.


I’m sorry it’s a bit disorganized, but I didn’t even know where to start. If there’s information that I’ve overlooked or am misinformed about, and I say this in hopes that anyone at all reads this blog post, please tell me. I’d love to have more information on the subjects, especially regarding “Bob” and the rape.

Advertisements
 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s