Wiki security breach (Important, read this)

Something wrong with it? Got an idea for it? Post here.

Moderator: Lucifer

User avatar
dlh
Formerly That OS X Guy
Posts: 2035
Joined: Fri Jan 02, 2004 12:05 am
Contact:

Wiki security breach (Important, read this)

Post by dlh »

The wiki has been taken offline to deal with a security breach. If you visited recently you may have been redirected to install a fake Flash update. This update is a trojan horse and it is malicious.

If you use a common password for your wiki account and a collection of other sites, then I suggest you change the password for all of those accounts. Your browser has a password manager to deal with multiple account usernames and passwords—You should use it. There are also several good external applications that handle password management.
User avatar
sinewav
Graphic Artist
Posts: 6413
Joined: Wed Jan 23, 2008 3:37 am
Contact:

Re: Wiki security breach (Important, read this)

Post by sinewav »

I run Ubuntu, how am I affected? How can I detect damage to my system and repair it?
User avatar
dlh
Formerly That OS X Guy
Posts: 2035
Joined: Fri Jan 02, 2004 12:05 am
Contact:

Re: Wiki security breach (Important, read this)

Post by dlh »

sinewav wrote:I run Ubuntu, how am I affected? How can I detect damage to my system and repair it?
You should only be affected if you installed the malicious Flash update trojan. It does not install automatically without your consent. If your browser downloaded the malicious update file, then do not run it. Simply delete it. If you did install the trojan, then I do not know to what extent your system has been compromised. But I repeat—if you did not run and complete the install, then your system should be okay.
User avatar
sinewav
Graphic Artist
Posts: 6413
Joined: Wed Jan 23, 2008 3:37 am
Contact:

Re: Wiki security breach (Important, read this)

Post by sinewav »

dlh wrote:It does not install automatically without your consent.
The Ubuntu updater opened and I ran it because I thought it was a normal update. Crap. Maybe I should just wipe and reinstall...
User avatar
Mkay1
Shutout Match Winner
Posts: 1146
Joined: Mon Jun 01, 2009 4:35 pm
Contact:

Re: Wiki security breach (Important, read this)

Post by Mkay1 »

How long a period does this encompass?
User avatar
dlh
Formerly That OS X Guy
Posts: 2035
Joined: Fri Jan 02, 2004 12:05 am
Contact:

Re: Wiki security breach (Important, read this)

Post by dlh »

Mkay1 wrote:How long a period does this encompass?
It occurred between Thursday night and 10 AM EST Saturday.
User avatar
Jonathan
A Brave Victim
Posts: 3391
Joined: Thu Feb 03, 2005 12:50 am
Location: Not really lurking anymore

Re: Wiki security breach (Important, read this)

Post by Jonathan »

What does it mean for those without the trojan? Say, if the database has been compromised, it might still be a good idea to change passwords, although it shouldn't be as big a deal if the password was strong.
ˌɑrməˈɡɛˌtrɑn
User avatar
Lucifer
Project Developer
Posts: 8640
Joined: Sun Aug 15, 2004 3:32 pm
Location: Republic of Texas
Contact:

Re: Wiki security breach (Important, read this)

Post by Lucifer »

As I recall, mediawiki doesn't store the password itself, only a hash of it.
Image

Be the devil's own, Lucifer's my name.
- Iron Maiden
User avatar
Jonathan
A Brave Victim
Posts: 3391
Joined: Thu Feb 03, 2005 12:50 am
Location: Not really lurking anymore

Re: Wiki security breach (Important, read this)

Post by Jonathan »

That's why it isn't as big a deal if your password is strong. :) But if the password is weak, it will be pretty easy to find the password that generated the hash by brute force.
ˌɑrməˈɡɛˌtrɑn
User avatar
dlh
Formerly That OS X Guy
Posts: 2035
Joined: Fri Jan 02, 2004 12:05 am
Contact:

Re: Wiki security breach (Important, read this)

Post by dlh »

Yes, a hash of the password is stored in the database. The mediawiki documentation has more information.
T-Bag
Posts: 3
Joined: Tue Nov 15, 2011 1:56 am

Re: Wiki security breach (Important, read this)

Post by T-Bag »

Has this got anything to do with why aagid isn't working ? The same thing Happens here > aagid.net/ <. if it is to do with the same thing, will aagid be back up the same time as wiki ?
User avatar
Phytotron
Formerly Oscilloscope
Posts: 5041
Joined: Thu Jun 09, 2005 10:06 pm
Location: A site or situation, especially considered in regard to its surroundings.
Contact:

Re: Wiki security breach (Important, read this)

Post by Phytotron »

I forget what password I made for the wiki. :/ Once it's back up will I be able to access a "forgot my password" dealio, or...? (Actually, I'm not entirely sure what email I used, either. Der.)

(I can pinpoint the last time I visited the wiki to the evening of the 9th, but, what Jonathan said.)
syllabear
Shutout Match Winner
Posts: 1030
Joined: Fri Oct 13, 2006 1:37 pm
Location: UK/HK

Re: Wiki security breach (Important, read this)

Post by syllabear »

I would suggest reposting this in the Welcome area, or possibly as a sticky on the forums, since many users here have accounts there, and I'm not sure how many people regularly view this subforum (I only checked it because I noticed the wiki was down, thankfully didn't download that flash player myself).
The Halley's comet of Armagetron.
ps I'm not tokoyami
User avatar
Z-Man
God & Project Admin
Posts: 11585
Joined: Sun Jan 23, 2005 6:01 pm
Location: Cologne
Contact:

Re: Wiki security breach (Important, read this)

Post by Z-Man »

None of us can post in that area :( And it wouldn't really be any more visible there for the people who need to see it. Maybe this is one of those cases where a bulk mail to the registered email-addresses in the database is in order?
User avatar
LOVER$BOY
Match Winner
Posts: 731
Joined: Thu Jan 24, 2008 12:46 pm

Re: Wiki security breach (Important, read this)

Post by LOVER$BOY »

With the Wiki down, will there be any tournaments held like the Ladle or CTF Brawl?
Image
Post Reply