The Forum Was Compromised, But We Are 100% Back Online!
As some of you may have noticed, the forum has been down for the majority of today. The reason being, is because one of the administrator accounts was compromised, and the forum was hacked. I have tracked down the hacker, and everything is now fine. The hacker sent out an e-mail to everyone advertising the hacker's site. The only down side is that I had to revert the forum to a 2-day old backup of the database. The administrators are currently setting up some more proactive defenses to prevent such attacks in the near future.
For your protection, you should change your password on ZomgStuff. If you wish, you can just add a number of several special characters at the end of your password, but changing the password altogether is recommended. If you used your password on any other sites, I recommend you change your password on the other sites (as a rule, you shouldn't use the same password on multiple sites). To change your password, follow the following link: Change Reset.
Do not worry, your password was not compromised, but your password hash may or may not have been. vBulletin hashes your password multiple times, making it mathimatically impossible to crack, but it is still possible to bruteforce a wordlist and compare the hash to that of yours (although vBulletin uses a special salt technique, which makes this even harder, if not impossible). The hacker would not only need to know the technique used by vBulletin to encrypt passwords, but to know your 3 character salt, which is treated like a key for a cypher, and is randomly generated for each user upon registartion
In all, the site is fine now, we are running on a 2-day old database backup, and we highly recommend you change your password.
Thank you, and we sincerely apologize about this inconvenience.
Edit:
It's come to my attention that certain avatars have become corrupted within the database, and some of you may need to reupload your avatars.
Originally Posted by HalfL
