Ythan
ᕕ( ᐛ )ᕗ
Registered: 08/08/97
Posts: 18,817
Loc: NY/MA/VT Borderlands
Last seen: 6 hours, 19 minutes
Welcome back! 53
#26122914 - 08/05/19 03:58 PM (4 years, 7 months ago)
Hello everybody, welcome back to the Shroomery! We're so sorry for the delay!
Q: Why was the site down?
A: We got hacked. An attacker stole a copy of our e-mail server's database.
Q: How did it happen?
A: The Shroomery uses a separate server for hosting uploaded files, like images and attachments. An attacker discovered a vulnerability on that server. It allowed them to upload a specially crafted file which appears to be a valid image, but also contains executable code which could be run remotely. They were able to install a web-based file manager and retrieve an unencrypted backup of our mail server database which was stored on that machine. Once they had access to the e-mail credentials, they were able to request a password reset on the forums and vandalize the site using my own account. Pretty embarrassing, but it also got our immediate attention and limited the scope of the attack.
Q: Why did this happen?
A: It appears we were not a primary target. Our attacker originally set out to hack spore vendors, blackmail them, and exploit any opportunity to steal their website traffic, business records, and cryptocurrency. When one of our sponsors refused to give in to extortion, the attacker wanted to damage their business. One way of doing this was to gain access to the Shroomery and change all the sponsor's links to point to a sketchy competitor. Once the attacker found an exploit on our site, they tried to blackmail us too, but I don't think this was their original goal.
Q: Are Shroomery members at risk in any way?
A: If you ever had an e-mail account hosted by us @shroomery.org or @growery.org and you re-used your e-mail password for other websites or services, you should immediately change this password anywhere else it was used. Even if your e-mail account is no longer active, a file may now be floating around which contains your old Shroomery e-mail address and the most recent password you used for that account. We sincerely regret this lapse in security and we have completely transitioned our e-mail services to a specialized professional third party to prevent anything like this from happening again.
Other than that, the risk should be minimal. Forum accounts were not affected, unless you happen to have the same password as your e-mail account. Our old mail server is no longer accessible from the internet and the only e-mail account the attacker actually logged in to was my own. All sensitive information and destructive admin functionality is locked behind additional layers of security, so even using my account, they couldn't read sensitive posts in the admin forum or access any powerful administrative tools.
Now that we're back online I expect our attacker will be closely scrutinizing our infrastructure and looking for new exploits. That's not unusual - we're constantly getting poked and prodded by people trying to find vulnerabilities - but now it may be more of an enticing challenge. We've locked things down as best we can and we'll be keeping a close eye on the situation.
Q: So if it wasn't the hack of the century, why did it take so long to bring the site back online?
A: Well, we didn't want to half-ass it. For the server that got hacked, we opted to replace it entirely which was a bit of an ordeal. We also had to carefully audit the rest of our infrastructure and make sure it wasn't vulnerable to the same class of exploit. And we had to investigate some claims made by the attacker about different vulnerabilities they'd discovered. And migrate e-mail to a separate platform. And update our scripts to work with the new setup. And address some other outdated and lapsed security practices. There were a million small but time-consuming details before we felt comfortable bringing the site back online.
Also, we just weren't really anticipating this. With planned maintenance, we always try to perform it seamlessly behind the scenes. But in an emergency, we have to bring the site offline immediately, and keep it down while we take care of all the required work and testing.
At the end of the day this is a niche site with limited revenue potential. We can't afford professional full-time administrators. None of the admins are employed by the Shroomery as their main job. We're all approaching middle age and have our own real-life obligations. Once the immediate threat was contained, we stopped working so frantically and just did the best we could in the free time we had available. We regret if this impacted anyone who was relying on the Shroomery for time-sensitive information.
Q: Why didn't you post more updates? People were getting worried!
A: Yeah, we didn't do a great job with communication this time around. We got some information out on Twitter and Facebook, but it wasn't a very high priority, and when we had time we were mostly focused on getting things fixed. Frequently we just didn't have anything to report except "still working on it, ETA undetermined". But I recognize that's still better than nothing. Next time we're facing prolonged downtime, we'll provide more frequent updates directly on the site's front page.
Q: When I click on an image or try to download an attachment, it doesn't work?
A: We're still transferring data to the new file server. Rather than wait any longer, we decided to bring the site back online with some uploads missing. No data was lost. The files will finish transferring over the coming week. Newly uploaded files should appear immediately.
Q: I just bought a supporter account from the new Shopify store. Did I lose all the time the site was down?
A: No, all supporter accounts have been credited for the downtime.
Q: I can't access my Shroomery e-mail account anymore?
A: For now, the Shroomery is no longer providing hosted e-mail as an extra feature for supporters. We may re-visit this in the future but we don't want to offer functionality if we can't keep it properly maintained and secured. Because the store has been offline for so long, most supporter accounts are technically expired and were on borrowed time anyway. If you are one of the few people who purchased a supporter account from our new Shopify store during the brief period it was online, you may open a support ticket and request a refund if you feel your supporter account no longer provides a good value. If you had important e-mail stored on our server, please open a support ticket and we can send you an archive of your old messages.
Q: So everything's fixed now?
A: Fuck, I sure hope so. We made some substantial changes and it's possible there are some bugs, but hopefully nothing major. If you notice a problem, please give it a minute or two and see if it's in the process of being fixed, otherwise please report it and we'll give it our immediate attention!
Q: How can I help support the site in the wake of this attack?
A: I love our community, and the fact that I anticipated this as a frequently asked question. You already gave us your patience, and that's really all we needed. Please just stick around, remain active on the site, and help us get things back to normal!
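The post above describes the file server accepting a file that looked like a valid image but carried executable code, which was then run remotely. The following is an added example of the defender-side gate such an upload endpoint can apply; it is not the Shroomery's code, and the accepted formats, the script-marker list and the executable-extension list are assumptions chosen for the example. It checks the filename against an allowlist (rejecting double extensions such as `shell.php.png`), verifies that the magic bytes match the claimed extension, requires the format's own end marker to be the last bytes of the file (appended payloads land after it), scans for script markers, and assigns a random storage name so the upload is never reachable under the name the uploader chose. The PNG samples at the bottom are constructed in the script itself.

```python
"""Upload gate for an image-only file server.

Added example, not the Shroomery's own code. The accepted formats, the
script-marker list and the executable-extension list are assumptions.
"""
import secrets
import struct
import zlib
from dataclasses import dataclass, field

# Assumption: only these formats are accepted.  extension -> (magic prefixes, end marker)
IMAGE_TYPES = {
    "png": ((b"\x89PNG\r\n\x1a\n",), b"IEND\xaeB`\x82"),  # IEND chunk incl. its CRC
    "jpg": ((b"\xff\xd8\xff",), b"\xff\xd9"),               # SOI ... EOI
    "jpeg": ((b"\xff\xd8\xff",), b"\xff\xd9"),
    "gif": ((b"GIF87a", b"GIF89a"), b"\x3b"),               # GIF trailer ';'
}
# Byte sequences that have no business inside an image (heuristic, see usage note).
SCRIPT_MARKERS = (b"<?php", b"<script", b"#!/")
# Name components a misconfigured handler might treat as executable.
EXEC_EXTENSIONS = {"php", "phtml", "phar", "cgi", "pl", "py", "sh", "jsp", "asp", "aspx"}


@dataclass
class Verdict:
    ok: bool
    reasons: list = field(default_factory=list)


def check_filename(name: str) -> list:
    """Policy checks on the user-supplied name alone."""
    reasons = []
    parts = name.lower().split(".")
    if len(parts) < 2 or parts[-1] not in IMAGE_TYPES:
        reasons.append("extension not in image allowlist")
    if any(p in EXEC_EXTENSIONS for p in parts[:-1]):  # e.g. shell.php.png
        reasons.append("executable extension inside filename")
    if "/" in name or "\\" in name or ".." in name:
        reasons.append("path characters in filename")
    return reasons


def check_content(ext: str, data: bytes) -> list:
    """Structural checks on the bytes, independent of what the client claimed."""
    spec = IMAGE_TYPES.get(ext)
    if spec is None:
        return ["unknown extension"]
    magic, trailer = spec
    reasons = []
    if not data.startswith(magic):
        reasons.append("magic bytes do not match extension")
    # Appended payloads sit after the format's end marker.
    if not data.endswith(trailer):
        reasons.append("data after image trailer")
    lowered = data.lower()  # PHP's open tag is case-insensitive
    for marker in SCRIPT_MARKERS:
        if marker in lowered:
            reasons.append(f"script marker {marker!r} found in body")
    return reasons


def validate_upload(name: str, data: bytes) -> Verdict:
    """Combine name and content checks; ok only when no reason was recorded."""
    reasons = check_filename(name)
    ext = name.lower().rsplit(".", 1)[-1]
    reasons += check_content(ext, data)
    return Verdict(ok=not reasons, reasons=reasons)


def storage_name(ext: str) -> str:
    """Random name, never derived from user input; store it outside the web root."""
    return f"{secrets.token_hex(16)}.{ext}"


# ---- constructed samples (not real uploads) ---------------------------------
def _png_chunk(ctype: bytes, body: bytes) -> bytes:
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

# Minimal PNG skeleton (signature, IHDR, IEND); enough for the structural checks.
CLEAN_PNG = (b"\x89PNG\r\n\x1a\n"
             + _png_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0))
             + _png_chunk(b"IEND", b""))
# Same bytes with an inert marker appended: the "valid image plus code" shape.
POLYGLOT_PNG = CLEAN_PNG + b"<?php /* constructed marker, does nothing */ ?>"

if __name__ == "__main__":
    for name, blob in [("photo.png", CLEAN_PNG), ("photo.png", POLYGLOT_PNG),
                       ("shell.php.png", CLEAN_PNG)]:
        v = validate_upload(name, blob)
        print(name, "ACCEPT" if v.ok else "REJECT", v.reasons)
```

The marker scan is a heuristic: it misses payloads hidden in metadata or compressed segments and can occasionally match random bytes in a large real image. The durable controls are the other three: re-encode every accepted image with an image library so only freshly generated pixels are kept, serve uploads from a separate host or origin that executes nothing, and keep no database backups on that host at all, which is the part of the post's story that turned a web shell into a credential leak.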
twighead
mͯó
Registered: 08/27/08
Posts: 30,332
Loc: Glenn Gould's Fuck Windmill
Last seen: 4 hours, 15 minutes
Re: Welcome back! [Re: Ythan] 6
#26122918 - 08/05/19 06:56 PM (4 years, 7 months ago)
Thanks for looking out for us capt
Gonzo the Eternal
In Sterquiliniis Invenitur
Registered: 05/09/18
Posts: 480
Last seen: 4 years, 6 months
Re: Welcome back! [Re: twighead] 4
#26122927 - 08/05/19 06:59 PM (4 years, 7 months ago)
Good to see everything is okay. Thanks for all your hard work guys.
Tormato
The Goddess Kali Meh 😛
Registered: 07/01/17
Posts: 6,067
Re: Welcome back! [Re: twighead]
#26122928 - 08/05/19 06:59 PM (4 years, 7 months ago)
Quote:
twighead said: Thanks for looking out for us capt
Glad we're back in business!
-------------------- Helpful Threads The Shroomery Store Tormato's Q&A Thread Post Questions Here or PM me! "Lately it occurs to me what a long, strange trip it's been." ~ Grateful Dead Before you start...Do you have a Pressure Cooker and a Dehydrator? I highly recommend getting both!
mndfreeze
Shroomery Secret Service
Registered: 04/22/02
Posts: 20,533
Loc: PuppetMasterFlash
Last seen: 7 hours, 15 minutes
Re: Welcome back! [Re: Tormato] 3
#26122936 - 08/05/19 07:02 PM (4 years, 7 months ago)
-------------------- Nothing says love like granny's prolapsed anus! [quote]Urb said: I know... It's fucked up... I'll fix it minyana..[/quote]
Learyfan
It's the psychedelic movement!
Registered: 04/20/01
Posts: 34,182
Loc: High pride!
Last seen: 9 hours, 25 minutes
Re: Welcome back! [Re: Ythan] 9
#26122949 - 08/05/19 07:08 PM (4 years, 7 months ago)
So glad to see us back! There for a bit, I thought this was the big one.
-------------------- Mp3 of the month: Sons Of Adam - Feathered Fish
bodhisatta
Smurf real estate agent
Registered: 04/30/13
Posts: 61,891
Loc: Milky way
Re: Welcome back! [Re: twighead]
#26122954 - 08/05/19 07:10 PM (4 years, 7 months ago)
Mr. Funguy
Quasi Frodo
Registered: 01/19/19
Posts: 1,077
Loc: Terra
Last seen: 4 years, 4 months
Fuckyes...
Asura
Cyantist
Registered: 08/01/11
Posts: 5,047
Loc: Texas
Last seen: 11 hours, 7 seconds
Good lord sweet Jesus!
pineninja
Dream Weaver
Registered: 08/17/14
Posts: 12,468
Loc: South
Oh, was the shroomery down.
-------------------- Just a fool on the hill.
NosmoKing
Stranger
Registered: 01/12/18
Posts: 189
Last seen: 2 years, 27 days
Hey thanks for giving us an update.
fluorescent
Unexpected.
Registered: 06/30/17
Posts: 157
Last seen: 1 month, 15 days
Re: Welcome back! [Re: Ythan]
#26122972 - 08/05/19 07:16 PM (4 years, 7 months ago)
Whoohoo! I've been missing this community!
Munchauzen
Registered: 06/22/11
Posts: 14,343
Now I can stop accidentally clicking the bookmark, only to close the tab
PumpJackTeX
livin life
Registered: 05/26/08
Posts: 3,951
Loc: California
Last seen: 1 year, 1 month
Not gonna lie, I missed y'all.
-------------------- Life. 2008 Ascension Energy | UFOs | 2021
connectedcosmos
Neti Neti
Registered: 02/07/15
Posts: 7,504
Loc: The Pathless Path
yay
-------------------- 54. The true nature of things is to be known personally, through the eyes of clear illumination and not through a sage: what the moon exactly is, is to be known with one's own eyes; can another make him know it?
verum subsequentis
seeker of truth
Registered: 03/22/16
Posts: 8,732
Last seen: 1 year, 9 months
Thanks to all who put in the unseen work that keeps this community rolling. I really appreciate you all. AND, that made me a little nervous. On a scale of 1 to 10, how safe are you mods feeling like we all really are?
John Nada
Toujours Frais
Registered: 03/03/03
Posts: 97,746
Loc: Hotwings; race car
Re: Welcome back! [Re: Ythan] 1
#26123010 - 08/05/19 07:29 PM (4 years, 7 months ago)
I could just be imagining shit, but the site seems a lot faster and more responsive now.
Moria841
Registered: 07/02/18
Posts: 4,968
Loc: NJ
Last seen: 8 hours, 32 minutes
Woo!!
Munchauzen
Registered: 06/22/11
Posts: 14,343
Re: Welcome back! [Re: Moria841] 1
#26123018 - 08/05/19 07:31 PM (4 years, 7 months ago)
anyone else have issues with their old pics? most of mine say deleted when I click
bodhisatta
Smurf real estate agent
Registered: 04/30/13
Posts: 61,891
Loc: Milky way
Read the OP.