I suppose it is no secret to most of you that we suffered from an attack this week. This case is rather complicated because you can view it from many different angles, and there are many different people involved.
To our (the staff team's) current knowledge, this is the list of people who participated, one way or the other:
Let's start out with the things that I know for certain:
a) Kyoseron places cookie stealing script in custom title.
b) Arbe uses stolen cookie to access SNN's account.
c) Using a proxy server, he unbans his IP and gives user #1974 Administrator privileges.
d) Arbe logs in to user #1974 from which he gives staff powers to several other users.
And now, I would like to present some of the things I heard from various people. The following may or may not be the truth. I don't know whether it is or not. Judge for yourself:
Supposedly, Arbe only functioned as a catalyst for the attack. That is, without him, it is likely nothing would have happened. It has been claimed that he had no real interest in the attack, but only participated because he was asked for help on how to hack the Central. The people who asked him would be the same people who later got staff powers with his help so that they could empty the site's file sections and forums.
It has been suggested that the attack was performed because of certain users' dissatisfaction with certain staff members. If this is the case, I would love to hear about it. After all, this is why there is a "Staff complaints" thread. I can report that the hole used to perform this attack (to my knowledge) has been closed. A couple of other things were taken care of at the same time.
Q) So, wait, what... what does it mean to steal cookies?
Q) Hashed password? What does this mean? Do I have to change my password everywhere?
A) Making a hash of some text is generally an irreversible process. There do exist lookup tables on the Internet, though, where you can search for a hash's unhashed counterpart. This doesn't necessarily mean that it is possible to obtain your password from the hash. First of all, if your password was complicated, it is likely that it doesn't exist in such a lookup table. Secondly, a salt is added to the password before it is hashed. This basically means that we're adding complexity to the password so that it might not be found as easily.
It would be safe to say that it probably wouldn't be stupid of you to change your password in places where you used the same password as you did on SMW Central. Perhaps you should consider not sharing your SMW Central password with any other accounts.
... aaaand that's basically it, I suppose. Feel free to ask any questions.
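The hashed-password answer in the staff post above, as an added example that is not part of the original post or the site's own code: a precomputed lookup table finds an unsalted hash of a common password, but misses both a salted hash and an uncommon password. SHA-256, PBKDF2, the sample word list and all function names are assumptions chosen for illustration; the post does not say which hash the site uses.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny stand-in for a public hash lookup table.
COMMON_PASSWORDS = ["123456", "password", "letmein", "yoshi", "mario64"]


def build_lookup_table(words):
    """Precompute unsalted digest -> password, the way a lookup site does."""
    return {hashlib.sha256(w.encode()).hexdigest(): w for w in words}


def unsalted_hash(password):
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password, salt):
    """The salt is mixed in before hashing, so the digest differs per account."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def lookup(table, digest):
    """Return the password the precomputed table maps this digest to, or None."""
    return table.get(digest)


def make_record(password, iterations=200_000):
    """Hardened storage: random per-user salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key


def verify(password, record):
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)  # constant-time comparison


if __name__ == "__main__":
    table = build_lookup_table(COMMON_PASSWORDS)
    salt = os.urandom(16)
    print("unsalted, common password:", lookup(table, unsalted_hash("password")))
    print("salted, common password:  ", lookup(table, salted_hash("password", salt)))
    print("unsalted, complex password:", lookup(table, unsalted_hash("c0rrect-h0rse-b4ttery")))
    record = make_record("password")
    print("verify ok / wrong:", verify("password", record), verify("wrong", record))
```

A salt only defeats tables computed in advance; if the salt leaks along with the hash, a weak password can still be guessed, which is why the hardened form uses a slow key-derivation function and why changing a reused password remains sensible.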
Arbe has been around for quite some time. His first attack happened last May, when he wiped out the entire section by manipulating certain users and getting their passwords. Needless to say, he is bad news.
(also, taking bets on how long it takes for one of them to rereg and do some generic 'you'll never win' shit.)
Arbe is a user we had trouble with before. He is horribly skilled at manipulating people into thinking that he can change for the better, but some time ago we realized that this probably isn't possible. We tried dealing with him in different ways, but nothing helped. Eventually it just became a matter of banning him at the same pace as he could find a new proxy server to use. According to himself he doesn't really have anything against the site, but the fact is that he has attacked it several times.
There is always the 1 or 2 people that have to ruin it for people. Although I'm new here I'm not stupid and I know how devastating an attack like this can be. I've changed my password to be on the safe side. But it's a good example to always be prepared cause there are people that will spoil it and it can be those that you least suspect.
Fortunately the damage could have been a lot worse and the staff have done very well in reducing the damage.
-------------------- I'm not the star of the show but I try to be.
Currently making a SMW rom hack with 7 worlds. Hope to finish it soon.
The list is up. And just wow. Many people involved in this. As the majority, I'm surprised about Kyoseron, being a full mod at this site involved in this event. The others.. well. About Yoshiro, TNR and MWC, they were banned several times and the motion probably was some sort of revenge as stated before. About the others, I don't know them well. ShadowNinjaNick strangely requested a ban until June 19.. That was weird. And the others maybe had contact with Arbe to help him, that's the only way I can think about their participation in the assault. I was thinking that Simple Bag was involved too, because he had a brown nick, but apparently he isn't (and it'd be another person without a clear motivation to participate in this thing).
Well, ending I'd like to say I'm very sad again that this happened. Just that.