Truckers Report Jobs

Find Trucking Jobs

Company Driver Company Driver Dry Van Dry Van Flatbed Flatbed Refrigerated Refrigerated Specialized Specialized Owner Operator Owner Operator
More Trucking Job Searches Fewer Trucking Job Searches

TruckersReport Hacked on Monday - Status Report

Discussion in 'Truck Forum Information Center' started by Admin, Sep 25, 2013.

Page 1 of 13
  1. Sep 25, 2013 #1
    Admin

    Admin TTR Forum Owner Staff Member Administrator

    10,246
    15,572
    Apr 6, 2009
    0
    I don’t usually mind Mondays, but Mondays where you get hacked… those are awful. Here is what happened:

    1) A hacker got into the forum administration panel using a vulnerability in our forum software
    2) The hacker created new staff accounts and started Private Messaging members, claiming to be a staff member and asking for donations
    3) The hacker hijacked Mastertech’s account and started Private Messaging members asking for donations as Mastertech
    4) The hacker swung a wrench around and broke some things on the forum

    And here are the steps we've taken in response:

    - We removed the security hole that the hacker used to access the site

    - Our server technician has combed through the site logs for hours to remove leftover intrusions and repair damage

    - Additional security safeguards have been added

    - We are requiring members to reset their passwords as a precaution. This hacking appears to have been an attempt at fraud and extortion. There is no indication that the hacker attempted to steal passwords or personal information from users.



    If you fell for any of the donation solicitations, let me start by saying how much I appreciate your interest in helping out TruckersReport. I’m sorry you were taken advantage of, and I’m sorry we played an unintentional role in it. If you gave money, I will personally make every effort to get you back your money, just Private Message me and I’ll explain the steps that we’ll take together.

    Huge thanks to our members and moderators who were so quick to bring the suspicious donation messages to my attention, getting a quick jump on this intrusion made a big difference. Special thanks to Bullhaulerswife for her outstanding work in containing the hacker, and to George for all his work on clean-up.

    Post any questions or concerns in this thread, I'll respond here.
     
    Admin, Sep 25, 2013
    Admin, Sep 25, 2013
    #1
    AchioteCoyote, SAR, CondoCruiser and 111 others Thank this.
  2. Truckers Report Jobs

    Trucking Jobs in 30 seconds

    Every month 400 people find a job with the help of TruckersReport.

  3. Sep 25, 2013 #2
    Admin

    Admin TTR Forum Owner Staff Member Administrator

    10,246
    15,572
    Apr 6, 2009
    0
    I'm grabbing a few hours of sleep, I'll check back in and answer questions when I wake up.
     
    Admin, Sep 25, 2013
    Admin, Sep 25, 2013
    #2
    NavigatorWife, joseph1135, teddy_bear6506 and 8 others Thank this.
  4. Sep 25, 2013 #3
    joseph1135

    joseph1135 Papa Murphy

    11,340
    27,301
    Nov 8, 2009
    The Highway To Hell.
    0
    Thank you Sam. Thank you for doing your best to protect us, the users of TTR. I missed it, as everyone else. Get some rest and know we all appreciate the work you put into TTR for us.
     
    joseph1135, Sep 25, 2013
    joseph1135, Sep 25, 2013
    #3
    Weeble Kneeble, JohnBoy, TDriver4Life and 14 others Thank this.
  5. Sep 25, 2013 #4
    TruckDuo

    TruckDuo Road Train Member

    6,394
    9,373
    Oct 21, 2012
    Chicago, IL
    0
    If there is anything we can do to help....please let us know.
     
    TruckDuo, Sep 25, 2013
    TruckDuo, Sep 25, 2013
    #4
    bullhaulerswife Thanks this.
  7. Sep 25, 2013 #5
    flyingmusician

    flyingmusician Road Train Member

    4,288
    10,905
    Feb 25, 2011
    Jamestown, NC
    0
    I think any of us who have been around the site any length of time were pretty sure something was up immediately. Even if you had changed policy and asked for donations we know the way things work well enough to know that's NOT the way you would have gone about it anyway. By the time the second email came through it was 100% clear something screwy was going on.

    Thanks for the efforts to contain the damage and get everything offline quickly and for all the work you do with the site. I just hope there's some way you can track down the idiots. Having been involved in a management capacity in a hacking episode once I already know how futile those efforts can be as these idiots usually hide their tracks very well. These morons need to have their nuts cut off with a dull blade and slowly shoved down their throats till they choke on them.
     
    flyingmusician, Sep 25, 2013
    flyingmusician, Sep 25, 2013
    #5
    John's Girl, bullhaulerswife, Big Don and 2 others Thank this.
  8. Sep 25, 2013 #6
    moosc

    moosc Road Train Member

    3,284
    1,172
    Mar 5, 2009
    Lincolnton NC
    0
    As soon as I got the second pm I new something was up. Just hope no one fell for it. Thanks for the update.
     
    moosc, Sep 25, 2013
    moosc, Sep 25, 2013
    #6
    bullhaulerswife Thanks this.
  9. Sep 25, 2013 #7
    spacetrucker88

    spacetrucker88 Heavy Load Member

    784
    385
    Jan 24, 2012
    warfordsburg pa/ Red Cloud,Ne.
    0
    is it possible that the hacker may have been someone that got banned a while back?
     
    spacetrucker88, Sep 25, 2013
    spacetrucker88, Sep 25, 2013
    #7
  10. Sep 25, 2013 #8
    fr8te_sh8ker

    fr8te_sh8ker Medium Load Member

    497
    395
    Jul 8, 2013
    0
    I didn't get those fake pm's, no emails, nothing at all so I feel lucky, I guess.

    And when all the links went to an error page that was the first I noticed there was something wrong.

    What's impressive is how fast the site came back, very happy to see everything looks and feels normal again.
     
    fr8te_sh8ker, Sep 25, 2013
    fr8te_sh8ker, Sep 25, 2013
    #8
    bullhaulerswife Thanks this.
  11. Sep 25, 2013 #9
    goingcrazy

    goingcrazy Crusty Number Cruncher

    120
    2,410
    Aug 21, 2013
    At the beach
    0
    Thanks for everything you do! I haven't been around long, but man did I miss this place while it was down!

    I volunteer in as a mod for another forum and we've had smaller incidents which were a whole lot of work to fix. And that's a much smaller forum. I can only imagine the work load for a forum this size. Again, I really appreciate everything you guys do.
     
    goingcrazy, Sep 25, 2013
    goingcrazy, Sep 25, 2013
    #9
    bullhaulerswife, teddy_bear6506, John's Girl and 1 other person Thank this.
  12. Sep 25, 2013 #10
    Hammer166

    Hammer166 Crusty Information Officer

    7,542
    27,454
    Aug 18, 2007
    ~8600+' and loving it!
    0
    For future reference, none of us members can send a PM to multiple recipients; that was the tipoff that someone was in that shouldn't have been. The bad links were either a temper tantrum or an attempt to hinder word of the scam from getting around, maybe both. Sam can maybe tell from his end.

    Thanks for all the hard work, Sam and Mods!
     
    Hammer166, Sep 25, 2013
    Hammer166, Sep 25, 2013
    #10
    Big Don, HeWhoMustNotBeNamed, truckon and 2 others Thank this.
  • Truckers Report Jobs

    Trucking Jobs in 30 seconds

    Every month 400 people find a job with the help of TruckersReport.

    • Page 1 of 13