Subject: BrickLink.com was hacked
Newsgroups: lugnet.general
Followup-To: lugnet.general, lugnet.market.buy-sell-trade
Date: Thu, 7 Jun 2012 23:30:17 GMT
  
Some of you may already know that the BrickLink.com site was hacked/attacked a few days ago.

Eric Smith, the BrickLink Administrator, is running the site along with a small team to maintain the site. They are working to plug and secure each page/section of the site.

Be patient with Eric and the BL team. Things don’t happen overnight.

BrickLink message on June 4, 2012. Eric mentions: Site Error Reporting.

BrickLink.com

I just finished making the fixes for the inventory pages that people have been complaining about:

inventory verify.asp
invSetVerify.asp
invXMLverify.asp
inventory final.asp

Initial testing from the TwitterVerse is promising, so far so good.

Twitter: BricklinkAdm https://twitter.com/#!/BricklinkAdm

As to further fixes, we are ramping up our team right now with both ASP and security experts to help block the continuing exploits that are happening by people with WAY too much time on their hands. The current error list is here:

catalogInvAdd.asp
catalogInvItemVer.asp
catalogListAction.asp
catalogOptions.asp
catalogUpload.asp
favSearchAdd.asp
getPmt.asp
imgDir.asp
memberCollage.asp
messageFilter.asp
messagePostCode.asp
my.asp
mySettings.asp
orderCoupons.asp
orderSettingsCols.asp
pref address.asp
pref me.asp
pref Seller.asp
prefsettings.asp
pref stop.asp
pref terms.asp
problemMember.asp
register.asp
retractOrder.asp
retractOrderItemEdit.asp
searchSettings.asp
wantedAddDetail.asp
wantedDetail.asp
wantedSettings.asp
wantedSetVerify.asp
wantedShop.asp
wantedView.asp



As of today, June 7, 2012, Eric has reported:

http://www.bricklink.com/message.asp?ID=642624

As a few people noticed, a number of major accounts were merged fraudulently around 12:15 pm EDT today. As a merge is almost impossible to undo, the solution was to do a database rollback to 12:00 PM EDT today. This breach was due to the Admin user ID being stolen.

We have done a number of things to mitigate this threat, but the main one that will be visible is the fact that marking the “save my password” box will no longer work. I understand that this is an inconvenience for you, as it is for me.

We are working on high priority fixes now but will be continuing to work on securing every page and every database object in the site over the next weeks. There’s a lot of code to cover and every page/stored proc has to be touched.

I will continue to provide updates via Twitter and will provide a new list of pages on the triage list. The last one I posted is here:

http://www.bricklink.com/message.asp?ID=641686

Thank you for your patience while we tighten the system down to prevent further breaches.

Eric Bricklink Admin

-end of report-

Copied info from Bricklink.com, just in case the site goes down again and people are wondering what is going on. Be patient with Eric and the BL team.




©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR