Announcement Site Hacked

Casinomeister

Forum Cheermeister
Staff member
Just a quick announcement - but Casinomeister was hacked, both the forum and the main site with a trojan that injected some malicious code into about 30 php files. There was also a breach in the security in the forum where users email addresses may have been compromised. If it can happen to eBay and Target, it can happen here. :mad:

I've spent the last 20 hours or so cleaning up the mess, but it's not really that bad - except for the breach of email addresses. I'm not sure if this was a deliberate malicious attack, or something random, or some rogue file that was transferred over when we moved servers. We're still investigating how this happened, and hope to find an answer soon.

I hope that a number of you have unique email addresses being used here so that if you start getting spammed, we can find out who hacked the site. That would be great. :thumbsup:

In the meantime, it would be prudent of you change your passwords for your forum account.
 

Tirilej

Still a Lady
CAG
MM
So is this what have caused the site to run so slow, and all other problems with google lately, or is it new not related?

Password changed :thumbsup:
 

Casinomeister

Forum Cheermeister
Staff member
So is this what have caused the site to run so slow, and all other problems with google lately, or is it new not related?

Password changed :thumbsup:
All related. :D
 

Captain Chaos

Senior Member
webby
MM
Thanks for the heads up. Is this related to the pat I made about slowness the other week?

The email address I used fortunately doesn't have any spam going to it at the minute. So as soon as I get anything I will pass anything on to you that may be of any use.

Can anyone recommend a good anti virus scanner for an iPad? Might be worth checking it over now I think.

A theory. Do you think it could have anything to do with that Aussie Casinomeister business? Seems quite a coincidence that it has happened around the same time as that. Just a thought.
 

Casinomeister

Forum Cheermeister
Staff member
Thanks for the heads up. Is this related to the pat I made about slowness the other week?

The email address I used fortunately doesn't have any spam going to it at the minute. So as soon as I get anything I will pass anything on to you that may be of any use.

Can anyone recommend a good anti virus scanner for an iPad? Might be worth checking it over now I think.

A theory. Do you think it could have anything to do with that Aussie Casinomeister business? Seems quite a coincidence that it has happened around the same time as that. Just a thought.
Coincidences are just that - coincidences. But we're doing a full investigation. Yes, I believe the slowness was connected.
 

zanzibar

Senior Member
Thanks for disclosing the hack.

I highly recommend that anyone that uses the same email and password here as they do on any other site should change their password - preferably to something long, random, and unique - on every other site too. Decrypting non-random passwords (and even short random ones) is not difficult with the bad guys running specialised hardware to do it.

If you have the same email and password here as on any of your casino accounts, RUN DON'T WALK and change them pronto. If I was a bad guy with those details that would be the first place I would go looking, starting with the most popular and highly rated casinos here.

Here is a good read that shows how easy it is for these guys to crack encrypted password these days:
You do not have permission to view link Log in or register now.
 

P.V.

Senior Member
webmeister
Thanks for disclosing the hack.

I highly recommend that anyone that uses the same email and password here as they do on any other site should change their password - preferably to something long, random, and unique - on every other site too. Decrypting non-random passwords (and even short random ones) is not difficult with the bad guys running specialised hardware to do it.

If you have the same email and password here as on any of your casino accounts, RUN DON'T WALK and change them pronto. If I was a bad guy with those details that would be the first place I would go looking, starting with the most popular and highly rated casinos here.

Here is a good read that shows how easy it is for these guys to crack encrypted password these days:
You do not have permission to view link Log in or register now.
Both changed. :thumbsup:

Just some terd with nothing better to do! :rolleyes:
 

zanzibar

Senior Member
I have been looking around and it appears vBulletin still uses md5 hashing which is bad (as it considered weak these days) with salt which is good because it forces the hackers to crack one password at a time rather than all of them at once.

Still, the chances are high that your password will be cracked by whoever stole them. Its only a matter of time.
 

spintee

Ueber Meister
webby
mm2
Arss wipes, Like others said I thought it was my computer as site been running slow also I wonder if it is the auusie site that is involved?

Saying that my computer has been been on the blink last few days, I ran a check but al was fine, Only the other day miiisooo said he download a casino site and got lot of junk downloaded, marriage sites ect

Also I have just tried to go to forum and got this pop up, Nothing to do with 32red and happened a few times in recent days,

Hope all gets sorted for you and thanks for letting us no
 

Attachments

luckysox

Karjala Kasino Rep
Pfff, if I change my password here, that means that I have to change my password on everything else on the net.
Too much work, will do it in a week or two.
 

maphesto

Dormant account
Still, the chances are high that your password will be cracked by whoever stole them. Its only a matter of time.
Does this mean that the best thing to do right now is to change email address?:eek:

Sounds pretty smart now. Get new ones and have one "private" and then have several different at casinos and forums.
 
J

Jory

Guest
Just checked my email and its full of spam.

Deposit bonus this, free spins that. Is it your lucky day? What are you waiting for? Why play anywhere else? Play now!! Just give us your f***ing money already!

Come to think of it my inbox always looks like this so probably not related to the hack.
 

zanzibar

Senior Member
Also I have just tried to go to forum and got this pop up, Nothing to do with 32red and happened a few times in recent days
That could be an attack where they inject a hidden iframe into the page and load up a casino site which puts a cookie on your machine and gives them the credit to their affiliate account if you sign up there and deposit. It would explain any slowness because each time you load the page you're actually loading a whole other site at the same time, possibly multiple.

@luckysox... :lolup: assuming you weren't being serious otherwise its more like :eek:
 

zanzibar

Senior Member
Does this mean that the best thing to do right now is to change email address?:eek:

Sounds pretty smart now. Get new ones and have one "private" and then have several different at casinos and forums.
I do have a "casino junk" email account but it isn't essential. What is essential these days to make sure that you do not use the same email address and password combination at multiple sites. If you can't remember all the different passwords write them down or get a password manager like 1password or keepass.
 

P.V.

Senior Member
webmeister
I recently changed my email address when I shut down PV. Should be interesting to see if I start getting junk mail other than the usual crap. :axeman2:
 

osulle

Well-Known Member
CAG
mm1
mm4
This is what I wake up to this morning?:axeman: Is it just me or does there seem to be a whole lotta hacking going on worldwide in the last 12 months more than usual? If this was a coordinated hack then I hope Bryan finds them and strings them up by the you know what.:D Passwords changed. My opinion and my opinion only says this was directed at Casinomeister by someone who has a grudge.
 

EbeeDog

Senior Member
MM
I cant change it. I cant remember what it was in the first place. Wait......was it..."Keef"?
 

Tropicana50

Senior Member
Pfff, if I change my password here, that means that I have to change my password on everything else on the net.
Too much work, will do it in a week or two.
Your lacklustre attitude speaks volumes about how naive you are to online security. Using the same password for every site is a huge risk, and then delaying any action is just down right stupid.

Not a great persona to exhibit as a Casino Rep. :what:

- T
 

Tirilej

Still a Lady
CAG
MM
Your lacklustre attitude speaks volumes about how naive you are to online security. Using the same password for every site is a huge risk, and then delaying any action is just down right stupid.

Not a great persona to exhibit as a Casino Rep. :what:

- T
I believe he was just joking about his memory.
Even reps are human so no need to talk down on him just because of it.

I prefer humans to robots if they are professional when needed:)
 
Top