BattleFront.com Down For Maintenance...

[Sequoia]

Interesting, so did he contact you guys for payment on a fix or something?

Maybe he wanted Combat Mission Campaigns released or else.

[Boo Radley]

Maybe he wanted Combat Mission Campaigns released or else.

"HMGs will be able 2 run in CM Normandy or I will shut U down 4Evar!!11!!11!"

[stikkypixie]

And Microsoft loses another customer to Apple.

I'm willing to bet that it's MS losing another customer to some Linux server, unless you are referring to yourself of course.

[Spanish Bombs]

Is this really a viable criminal enterprise? This hacking attempt was clearly flawed for the reasons, among others, that Steve cited above. I've always thought that any type of 'hostage-taking' that required some sort of payment that could be electronically traced would inevitably be thwarted or easily thwart-able. Or were they demanding suitcases full of cash like some sort of South American hostage deal?

[mike_the_wino]

We have some clues where it originated from, but I won't go into details here.

It was the Chinese, wasn't it?

[Sergei]

Maybe he wanted Combat Mission Campaigns released or else.

But the source code is already released, so... but then, probably he wouldn't have the necessary skills to do anything with it.

[Sergei]

It was the Chinese, wasn't it?

It was the Norwegian cod mafia. I have no proof but I'm adamant that it was them.

Is this really a viable criminal enterprise? This hacking attempt was clearly flawed for the reasons, among others, that Steve cited above. I've always thought that any type of 'hostage-taking' that required some sort of payment that could be electronically traced would inevitably be thwarted or easily thwart-able. Or were they demanding suitcases full of cash like some sort of South American hostage deal?

I suppose you haven't heard of money laundering? Although it is quite possible that these types do this just for griefing purposes, rather than monetary gain.

[MeatEtr]

It was the Chinese, wasn't it?

Probably some disgruntled BF fan upset there hasn't been a CMN bone since x-mas.

[Sergei]

Probably some disgruntled BF fan upset there hasn't been a CMN bone since x-mas.

Hmm... is this a confession? :mad:

Please inform FBI of MeatEtr

[wolf66]

I

Anyway, I have a hunch that this came from somewhere in the EU. I don't know what put that in my head, but there it is.

Michael

The Finns !!!

[irwin666]

Who/what is Dorosh?

[MeatEtr]

Hmm... is this a confession? :mad:

Please inform FBI of MeatEtr

Haha, well judging by the long list of bitching and whining threads/posts about it, the suspect list would be long.

For the record, I didn't start any of those threads.

[Battlefront.com]

We don't know how the proposed payment was to be made, but if the hacker is sitting in a country with fairly low international accountability, they really don't have to worry about tracking. It's also pretty easy to setup an "offshore" account that is very difficult to trace.

The crux of it is that going after people like this costs someone a LOT of money. Either private or governmental, usually both. So these guys can usually get away with this sort of behavior simply because the cost of going after them is not worth it. Kinda like for every terrorist killed before he bombs there is probably already another one in training to replace him/her. The only effective way to combat cyber terrorists is to have vetted, legally sanctioned counter attacks where "good" hackers pursue and destroy (virtually) "bad" hackers. Cyber warfare. It's already happening, but it's not exactly legal for private citizens to just go out and do it.

And to follow up on an earlier point... Microsoft did lose out on this one because we're now running on a MacOS server. This was planned mostly for server maintenance reasons with better security as a secondary selling point. As it turns out the security benefits became more important to us since our initial decision to dump Windows.

Steve

[wolf66]

Who/what is Dorosh?

here I think is a Dorosh

[souldierz]

Sounds like Battlefront is ridding over this bump fairly well:)

[Battlefront.com]

It could have been much worse, definitely. The big plus was already being mostly along the path of migration to a new server. If we hadn't been close to moving anyway this would have been a much more difficult process because we would have been forced to try and rebuild the old server. That could have taken days and still not fixed the security problems.

Steve

[YankeeDog]

I'm willing to bet that it's MS losing another customer to some Linux server, unless you are referring to yourself of course.

Well, Steve beat me to the punch, but you'd lose that bet. It's pretty easy to find out what the server operating system is for a given website, and Battlefront.com is now coming to us courtesy of a server running Mac OSX Server.

[Lethaface]

Ah, good to have BF.C back

I was scared Apple had took over and decided to ban all current games since they were not allowed in the Appstore

Well you'd be surprised what a hacker can do with a simple picture upload script if the file permissions are set wrong.

Seems that the hacker had sort of took over the whole server. Don't want to scare nobody but with exploitable linux/unix/bsd kernels this is still possible, only less likely to happen when compared to a windows server.

Working for an ISP I know that almost all hosts get scanned daily for one or the other exploitable forum or similar scripts and what else it is they scan for. Updating software is a crucial thing for important online services. I hope that the new (I presume OSX? ) servers will help BF.C's administrators preventing future problems like this.

EDIT: Ah I see that Steve has affirmed it are apple servers, d@mn my slow typing skillz! Nobody else saw that large OSX e-mail banner at this very website for quite some time?

[Redwolf]

Is this really a viable criminal enterprise? This hacking attempt was clearly flawed for the reasons, among others, that Steve cited above. I've always thought that any type of 'hostage-taking' that required some sort of payment that could be electronically traced would inevitably be thwarted or easily thwart-able. Or were they demanding suitcases full of cash like some sort of South American hostage deal?

This sort of attack and blackmail is pretty common. Normally you don't hear about it since organizations can either react in time or prefer to fake a regular outage by just pulling the plug out of the whole system. Plus, if you are not on Wind0ze it is easier to clean up. Payments into Russia should be pretty safe for the blackmailer. Good lucky sending the local police after a money transfer.

BTW, Steve, you are missing the favicon on the new erver.

[Eagle2]

Is anyone else unable to get onto the main site still? You've said it's back online, but it still says its under maintanance whenever I go to it. It wants me to imput my windows username and password to check for credentials.

[MikeyD]

It appears they're prioritizing what gets back online in what order. The CMSF chat board was of course first on their list.

[Eagle2]

Lol, ok. Just wondering if it was my computer or something else.

[Hawk]

Steve, with some of our info on the server (e-mail, e-lic codes etc), any danger of the hacker getting anything usefull?

[Lethaface]

Well basically he could have all e-mail addresses since they were used in a virus spam run, but passwords would have been stored encrypted so that *should* not be readable

[stikkypixie]

Well, Steve beat me to the punch, but you'd lose that bet. It's pretty easy to find out what the server operating system is for a given website, and Battlefront.com is now coming to us courtesy of a server running Mac OSX Server.

Hah! I didn't even know Apple made server, I guess I'm I just lost all my nerd credibility here