MyAnimeList hacked?

[Coldlight]

Quote:

Originally Posted by Reverzer0

and what was that all about, only defacing? what a small timer.

Actually it's a bit bigger problem than that. The attacks came in several waves, the first one (that I know of) beginning several days ago involving people getting their accounts hacked, including the site admin Xinil's account.

The second one, which I witnessed taking place a few days ago, was the culprit using hijacked accounts, including Xinil's and some mod accounts to flood the forums with identical threads containing a single post with the message

Spoiler for cropped screenshot of the post by someone else:

The third wave (that I know of) involved the random deletion of many forum topics all around their forums, including the defacing of some clubs as Kyuu mentioned before, which led to MAL's staff doing a rollback to restore all of the forum topics lost to deletion.

The rollback seems to have been a futile effort, however, because at the moment while I am posting this, a few topics have begun disappearing again, including the Forum Rules and the Site Announcement threads, which seem to be favorite targets.

The only thing I'm worried about is the hijacking of accounts, though I don't have any important information on my profile (no locations, no birthdays, I just have one image and one sentence on it, lol), but I don't want my lists getting touched. I still haven't read of anyone there having their lists defaced, though.

[Fahd]

Quote:

Originally Posted by Fahd

Cross-Site Scripting can similarly be avoided by sanitizing user-input (i.e. making sure users can't post HTML).

If anyone's interested, here are a couple of videos (1, 2) on how cross-site scripting works. Both example sites are poorly scripted, but I guess that's deliberate so that it's easy to demonstrate the idea .

[Kyuu]

Quote:

Originally Posted by Coldlight

What!? Have you reported it to the staff already (using an alternate account or via an acquaintance who could report for you)? I think I saw one of your old posts in a thread because I recognize your avatar, it seems the hacker also vandalized your username. I did not check the profile of that account, however.

Good thing I've also already exported my lists to safety. It's good to be prepared for the worst.

Took a while, but yea. Already got a clone account now. And likewise, I exported my list prior to the account compromise.

Good thing: I play Fantasy Football with two MAL mods. Plus, Saka pushed me to getting into MAL's IRC. So, I'm not all that worried about it. It just happened to suck. Eventually, I'll get my old acct. back.

Quote:

Originally Posted by felix

And if the people who coded the authentication system there were as smart as the people who coded the rest of it (which is likely since the site is quite old), he's probably got your password too.

And changed the original contact e-mail. So, no PW recover there either.

[Reverzer0]

Quote:

Originally Posted by Coldlight

Actually it's a bit bigger problem than that. The attacks came in several waves, the first one (that I know of) beginning several days ago involving people getting their accounts hacked, including the site admin Xinil's account.

The second one, which I witnessed taking place a few days ago, was the culprit using hijacked accounts, including Xinil's and some mod accounts to flood the forums with identical threads containing a single post with the message

Spoiler for cropped screenshot of the post by someone else:

The third wave (that I know of) involved the random deletion of many forum topics all around their forums, including the defacing of some clubs as Kyuu mentioned before, which led to MAL's staff doing a rollback to restore all of the forum topics lost to deletion.

The rollback seems to have been a futile effort, however, because at the moment while I am posting this, a few topics have begun disappearing again, including the Forum Rules and the Site Announcement threads, which seem to be favorite targets.

The only thing I'm worried about is the hijacking of accounts, though I don't have any important information on my profile (no locations, no birthdays, I just have one image and one sentence on it, lol), but I don't want my lists getting touched. I still haven't read of anyone there having their lists defaced, though.

there's a reason beyond why this happened without beneficiary. nowadays, facebook has been targeted because they claim they are above something like that! the reason i said it's a small timer because he\she doesn't even gain benefits the terror he\she made unlike for example cracking sony ps3's source code for pirating ps3 games.

maybe also i'll try to see their registration form if that site is poor just like other says! you can see there aside from diving their source code. thanks for the additional information.

edited: the site is ok.

[SoFarGone]

lol the hacker is trolling the community.

[Hooves]

I think this hacker is having too much fun with his superiority over MAL atm

[Coldlight]

Quote:

Originally Posted by SoFarGone

lol the hacker is trolling the community.

He's been doing that for about a week now. MAL has already had two forum rollbacks, but because they apparently failed to patch up security holes, it's all useless.

[Kyuu]

A switch to VBulletin may hinder the hacker's actions. But, that still won't stop him from affecting clubs or even other users.

[felix]

Quote:

Originally Posted by Kyuu

A switch to VBulletin may hinder the hacker's actions. But, that still won't stop him from affecting clubs or even other users.

Not necessarily.

Also it would play directly into the hackers hands since to do that they either have to create a very complicated migration script and abandon a lot of the features they have now. OR, abandon the current content altogether.

And then re-work everything to work with vB either way.

[Velsy]

Explains why when I updated my about me yesturday, my page went to ..... a mess? As far as I can tell, my list and favourits are still standing. I guess thats a good thing right ?

Just exported my manga and anime list. Its how I keep track of what I watching or reading :s

[Coldlight]

Quote:

Originally Posted by Velsy

Explains why when I updated my about me yesturday, my page went to ..... a mess?

The issue about BBcode not working properly on MAL now is an unexplained problem that appeared some time after the first rollback on Oct. 5. I do not know if it was due to the hacker previously having had access to the site admin's account or because because of some other unrelated problem.

MAL's site admin Xinil has posted an announcement that they have finally found and fixed the particular exploit the hacker was using to attack the site. It appears there will be one last rollback being planned to restore the lost threads again, and fixing the broken BBcode problem is apparently underway.

Link to the announcement:
http://myanimelist.net/forum/?topicid=351399

Only time will tell if the staff have truly won the battle to secure MAL from further attack. Hopefully, they did and everything goes back to normal soon, so we can finally put this issue to rest.

[D-KLAC]

it rather give the hack attack continue again give now attack anime nexus club!!!

grr really this hack attack is like bullying picking really besides why did suffer hack attack give we got nothing involve on it.

yea indeed hack attack is part of "against" that are messing with anime world.

[Kameruka]

Where's the hackers when you need them? Too bad the assault already ended and 4chan addicts and School Days fanboys/fangirls has returned and ruining the forums again.

Hackers, I missed you so much and please come again messing the Myanimelist forums again!

[Kudryavka]

Quote:

Originally Posted by D-KLAC

it rather give the hack attack continue again give now attack anime nexus club!!!

grr really this hack attack is like bullying picking really besides why did suffer hack attack give we got nothing involve on it.

yea indeed hack attack is part of "against" that are messing with anime world.

Could be many reasons. Bullying? Jealousy from another anime website owner? Someone out to prove that they have 1337 skillz to hack a large website? A secret party who only agreed to stop after the owner of MAL paid them some money? There's tons of reasons why people hack now.

Has the identity of the hackers been disclosed? That could clue us in on their motive.

[D-KLAC]

give i've no idea besides i'm concern if keep some people could get hurt in lot of ways due to hack attack.

give messing with them could too far yea that this just too really these hack attacks need to stop.

[Coldlight]

Quote:

Originally Posted by Coldlight

Only time will tell if the staff have truly won the battle to secure MAL from further attack. Hopefully, they did and everything goes back to normal soon, so we can finally put this issue to rest.

Quoted my post from last year. Looks like they failed. A little over a year from that incident and MAL's forum is under attack yet again. And apparently by the same culprit, too.

Just a heads up: Any of you who also visit the MAL forums be careful. It is currently under attack/recently came under attack as of this time. Do not open any threads with the last post by users named Holzy or KobaKoba (I suspect these might be hacked user accounts, like last year). Such posts contain gore images and a potential malware threat. Well, at least until another forum rollback happens, since such posts by aforementioned "users" seem to be in threads all over the place.

Quote:

Originally Posted by Kameruka

Hackers, I missed you so much and please come again messing the Myanimelist forums again!

Looks like your wish has been granted.

[FlareKnight]

Yeah, I can second the warning to stay away. Had a thread update come through and had a less than pleasant series of images awaiting. Of course had enough sense the moment I saw it to simply report and get the heck out of there. The real downside is my inbox getting filled up with notices of thread updates that are 90% being done by the hackers. Lot of mass deletions there .

Well not like I go there much anyways. Will just sit back and wait for this attack to die down.

[Linkark07]

I can third this one. Stay away from MAL for a while.

[Chandela]

Quote:

Originally Posted by Coldlight

Looks like your wish has been granted.

Here it goes again! Everybody strap in and get ready for the ride.

[Akito Kinomoto]

Quote:

Originally Posted by Coldlight

Quoted my post from last year. Looks like they failed. A little over a year from that incident and MAL's forum is under attack yet again. And apparently by the same culprit, too.

Just a heads up: Any of you who also visit the MAL forums be careful. It is currently under attack/recently came under attack as of this time. Do not open any threads with the last post by users named Holzy or KobaKoba (I suspect these might be hacked user accounts, like last year). Such posts contain gore images and a potential malware threat. Well, at least until another forum rollback happens, since such posts by aforementioned "users" seem to be in threads all over the place.

Thanks for the warning Coldy. By the way, there was another hack this past Thanksgiving weekend; it was also quite a riot.

If any of you MALers happen to see gore images on a thread, change your password immediately. You risk your account getting compromised if you don't.

Meanwhile, on Anime Planet...