AnimeSuki Forums

Register Forum Rules FAQ Members List Social Groups Search Today's Posts Mark Forums Read

Go Back   AnimeSuki Forum > Support > Forum & Site Feedback

Notices

Reply
 
Thread Tools
Old 2014-05-13, 21:00   Link #221
Irenicus
Le fou, c'est moi
 
 
Join Date: Dec 2007
Location: Las Vegas, NV, USA
Age: 31
IPs are basically public information. Don't worry about it.
Irenicus is offline   Reply With Quote
Old 2014-05-13, 21:53   Link #222
HighGuard
Senior Member
 
 
Join Date: Oct 2007
Not the worst thing in the world to have happen for me. The password I use is one i use most places that are not important to me. Any actions someone would take with that password would get reported to my email, which uses a unquie password with 2 step verification requiring my phone. For me I recognize that a forum is not fort knox nor should it be.
They got my ip? Dont care. Ips are not that big of a deal, its like someone getiing your zip code. If they were after ips they could just look at the history of any random wiki article and get dozens of them with no one the wiser, unlike the hassle of hacking a forum
Got my password? Dont care. Its just the key to the door, you still dont know the alarm code.
Got my username? Dont care. Its a very common name anyways and I have been using a new name recently anyways.
Got my email address? Dont care. They still dont have the password to that or my phone. 1 of 3 is useless.

Honestly you shouldnt be using the same password for a low security site such as a forum and a high security site site like your bank. Mustang vs a MRAP. You dont store your SSN, credit card #, real name, home address, mothers maiden name, money or anything else thats important here so its not the end of the word.
HighGuard is offline   Reply With Quote
Old 2014-05-13, 22:00   Link #223
Reincarnated
World Inverse Creator
 
 
Join Date: Aug 2008
Well I use the passwords for another forum thing-y so it's not so important to me except they crack my email too.
Reincarnated is offline   Reply With Quote
Old 2014-05-13, 22:27   Link #224
RJ TAYLER
Senior Member
 
 
Join Date: May 2009
Location: AUSTRALIA
Well for me this place was the last place that I used my original password in any way, shape or form, so apart from that nostalgia it has been no loss (so far), just a big pile of annoyance.
__________________
YOURS
RJ TAYLER
RJ TAYLER is offline   Reply With Quote
Old 2014-05-13, 22:30   Link #225
kusabireika
Seiso Academy Student
*Graphic Designer
 
 
Join Date: Sep 2012
Location: Lanvaldear :)
Send a message via MSN to kusabireika
just quick question about notification i have unread mail but when i check my message they all read ._. is this normal

and by the way all post and pic seem gones what happen i hope its ok to ask im bit confuse
__________________
kusabireika is offline   Reply With Quote
Old 2014-05-13, 23:00   Link #226
Guido
Senior Member
 
Join Date: May 2004
Location: Monterrey, México
Age: 40
I recall the 2005 Forum Great Crash when AnimeSuki literally lost about 12 months worth of registered user accounts, PMs, posts, etc. due to DDOS attacks, if I remember that was the case back then.

Now, we have this breach, and security got all compromised, but I do not blame AnimeSuki and their responsible staff. (meaning neither sarcasm nor pun).

What I'm concerned right now is the IP address that I regularly use to login to the forums, that's the only issue I'm worried about. Since, I did use the same old password in nowhere else but to login to AnimeSuki for about ten years since becoming member; seriously, I'm going to miss that password.
Guido is offline   Reply With Quote
Old 2014-05-13, 23:57   Link #227
Archon_Wing
Why?
*Author
 
 
Join Date: Jul 2008
Location: Not here
Age: 36
Send a message via MSN to Archon_Wing
Quote:
Originally Posted by Reckoner View Post
Fortunately none of my really important accounts shared info with this website.



I believe the forum was also hacked in the 2004ish period, so once a decade event for this site?
/stares at year

Shit, it's Third Impact.
__________________
It doesn't sound like my love is getting to you.
I will not lose anymore; I will not give up.
More passion than hope, much deeper than despair.... Love!

Avatar/Sig courtesy of TheEroKing
Guild Wars 2 SN: ArchonWing.9480
MyAnimeList || Reviews
Archon_Wing is offline   Reply With Quote
Old 2014-05-13, 23:58   Link #228
Infinite Zenith
Operation sneaky sneaks
*IT Support
 
 
Join Date: Aug 2012
Location: Hic et ubique
For the hacker who's doubtlessly reached cracking my old password by now, congratulations. They've just performed the equivalent of successfully pickpocketing me and finding out the wallet he took from me only contains lint, while my real wallet is safe.
__________________
Infinite Zenith is offline   Reply With Quote
Old 2014-05-14, 00:17   Link #229
SaintessHeart
NYAAAAHAAANNNNN~
 
 
Join Date: Nov 2007
Age: 31
Quote:
Originally Posted by Archon_Wing View Post
/stares at year

Shit, it's Third Impact.
*forbidden love goggles on*

You two make the most awesome couple here.
__________________

When three puppygirls named after pastries are on top of each other, it is called Eclair a'la menthe et Biscotti aux fraises avec beaucoup de Ricotta sur le dessus.
Most of all, you have to be disciplined and you have to save, even if you hate our current financial system. Because if you don't save, then you're guaranteed to end up with nothing.
SaintessHeart is offline   Reply With Quote
Old 2014-05-14, 00:29   Link #230
DragoMuseveni
True Dragon
 
 
Join Date: Nov 2013
Location: Riding on Great Red head
Age: 25
I believe this hacker isn`t worth to talk about , because , with ip , and passwords you don`t have anything to do with esspecially when they come from a forum . Even so , he didn`t know how to hide his tracks , that announce i do have the impression i `ve seen a similar case on another forum before , it was a key for the hacker to acces the moderator/admin options , injecting some sort of weakness. But after the announce is erased , he hasn`t acces acces anymore .MD5 is a weakness almost every forum has.
__________________
DragoMuseveni is offline   Reply With Quote
Old 2014-05-14, 01:34   Link #231
ChuckE
Provoker
 
 
Join Date: Nov 2012
Location: Dreamland
Hacker was able to decrypt md5?
Give him a medal
__________________
Dominus factotum
ChuckE is offline   Reply With Quote
Old 2014-05-14, 02:08   Link #232
Kimidori
The Opened Ultimate Gate
 
 
Join Date: Dec 2011
Age: 26
Quote:
Originally Posted by ChuckE View Post
Hacker was able to decrypt md5?
Give him a medal
It's easy for hackers who specialize in password cracking....
__________________
Kimidori is offline   Reply With Quote
Old 2014-05-14, 02:50   Link #233
sgrunclub
Junior Member
 
Join Date: May 2014
Location: Singapore
i'm curious too.. which moderator is this. will this harm our computer visiting this site?
sgrunclub is offline   Reply With Quote
Old 2014-05-14, 02:57   Link #234
Dextro
He Without a Title
 
 
Join Date: Feb 2008
Location: The land of tempura
Quote:
Originally Posted by ChuckE View Post
Hacker was able to decrypt md5?
Give him a medal
Why? You only need a couple of modern GPU to do that. MD5 is really really easy to crack with the amount of Computer power you can get off the shelf nowadays (and rainbow tables)
__________________
Dextro is offline   Reply With Quote
Old 2014-05-14, 03:00   Link #235
NightWish
…Nothing More
*Administrator
 
 
Join Date: Mar 2003
Age: 41
Quote:
Originally Posted by Irenicus View Post
do you keep any old password data
Not for regular members. For the accounts where the forum does enforce password uniqueness within a time period, a list of previous hashes is kept but only long enough to cover that period.
Quote:
Originally Posted by Irenicus View Post
are the old ones compromised?
There is no evidence that the password history information was disclosed.
Quote:
Originally Posted by AC-Phoenix View Post
Would be good to know which IP adress I actually registrated with now...
Happy to answer account specific questions submitted privately. Can't guarantee speed of reply, but will get to them all eventually. Too hard to catch them all in this thread. If you really want me to reply in public, say so in the message and I'll consider it, subject to common sense.
Quote:
Originally Posted by sgrunclub View Post
will this harm our computer visiting this site?
No. As far as we know the attack was to gain information not to directly compromise visitor's computers. I've found no evidence of attempts at malware sharing or injection, aside from the so-called "php kit" used in the attack itself of course, and that was focused on getting into the site and not your computer.
NightWish is offline   Reply With Quote
Old 2014-05-14, 03:18   Link #236
serenade_beta
そのおっぱいで13才
 
 
Join Date: Dec 2006
Quote:
Originally Posted by Archon_Wing View Post
/stares at year

Shit, it's Third Impact.
*prepares for 2024*
__________________

-Blog --> http://tdnshumi.blogspot.com/ (Mainly about video games)
-R.I.P. Hiroshi Yamauchi, Gaming wouldn't have been the same without you (9/19/13)
serenade_beta is offline   Reply With Quote
Old 2014-05-14, 03:23   Link #237
zero7090
Senior Member
 
Join Date: Jul 2007
can we employ 2 factors authentication that whenever anyone login they must input 6 number using google authenticator? I believe it doesnt cost much to get it running.
zero7090 is offline   Reply With Quote
Old 2014-05-14, 04:10   Link #238
ChuckE
Provoker
 
 
Join Date: Nov 2012
Location: Dreamland
Quote:
Originally Posted by Kimidori View Post
It's easy for hackers who specialize in password cracking....
Quote:
Originally Posted by Dextro View Post
Why? You only need a couple of modern GPU to do that. MD5 is really really easy to crack with the amount of Computer power you can get off the shelf nowadays (and rainbow tables)
Bruteforcing it may be possible but....c'mon even Pentagon servers would required couple of years
Hacker has been preparing to hack this forum since 200x Oh maybe he was just lucky lol
__________________
Dominus factotum
ChuckE is offline   Reply With Quote
Old 2014-05-14, 04:13   Link #239
Irenicus
Le fou, c'est moi
 
 
Join Date: Dec 2007
Location: Las Vegas, NV, USA
Age: 31
Quote:
Originally Posted by NightWish View Post
Not for regular members. For the accounts where the forum does enforce password uniqueness within a time period, a list of previous hashes is kept but only long enough to cover that period.

There is no evidence that the password history information was disclosed.
Good to know. Thanks.
Irenicus is offline   Reply With Quote
Old 2014-05-14, 04:43   Link #240
Haak
Me, An Intellectual
 
 
Join Date: Apr 2009
Location: UK
Age: 29
Looks like my new security measures are working perfectly. I already forgot my Animesuki password and had to reset it. XP
__________________
Haak is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 09:28.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2020, vBulletin Solutions Inc.
We use Silk.