external image

Announcement Site Hacked

The Dude

The artist formally known as Casinomeister
Joined
Jun 30, 1998
Location
Bierland
Just a quick announcement - but Casinomeister was hacked, both the forum and the main site with a trojan that injected some malicious code into about 30 php files. There was also a breach in the security in the forum where users email addresses may have been compromised. If it can happen to eBay and Target, it can happen here. :mad:

I've spent the last 20 hours or so cleaning up the mess, but it's not really that bad - except for the breach of email addresses. I'm not sure if this was a deliberate malicious attack, or something random, or some rogue file that was transferred over when we moved servers. We're still investigating how this happened, and hope to find an answer soon.

I hope that a number of you have unique email addresses being used here so that if you start getting spammed, we can find out who hacked the site. That would be great. :thumbsup:

In the meantime, it would be prudent of you change your passwords for your forum account.
 
Thanks for the heads up. Is this related to the pat I made about slowness the other week?

The email address I used fortunately doesn't have any spam going to it at the minute. So as soon as I get anything I will pass anything on to you that may be of any use.

Can anyone recommend a good anti virus scanner for an iPad? Might be worth checking it over now I think.

A theory. Do you think it could have anything to do with that Aussie Casinomeister business? Seems quite a coincidence that it has happened around the same time as that. Just a thought.
 
Thanks for the heads up. Is this related to the pat I made about slowness the other week?

The email address I used fortunately doesn't have any spam going to it at the minute. So as soon as I get anything I will pass anything on to you that may be of any use.

Can anyone recommend a good anti virus scanner for an iPad? Might be worth checking it over now I think.

A theory. Do you think it could have anything to do with that Aussie Casinomeister business? Seems quite a coincidence that it has happened around the same time as that. Just a thought.

Coincidences are just that - coincidences. But we're doing a full investigation. Yes, I believe the slowness was connected.
 
Thanks for disclosing the hack.

I highly recommend that anyone that uses the same email and password here as they do on any other site should change their password - preferably to something long, random, and unique - on every other site too. Decrypting non-random passwords (and even short random ones) is not difficult with the bad guys running specialised hardware to do it.

If you have the same email and password here as on any of your casino accounts, RUN DON'T WALK and change them pronto. If I was a bad guy with those details that would be the first place I would go looking, starting with the most popular and highly rated casinos here.

Here is a good read that shows how easy it is for these guys to crack encrypted password these days:
You do not have permission to view link Log in or register now.
 
Thanks for disclosing the hack.

I highly recommend that anyone that uses the same email and password here as they do on any other site should change their password - preferably to something long, random, and unique - on every other site too. Decrypting non-random passwords (and even short random ones) is not difficult with the bad guys running specialised hardware to do it.

If you have the same email and password here as on any of your casino accounts, RUN DON'T WALK and change them pronto. If I was a bad guy with those details that would be the first place I would go looking, starting with the most popular and highly rated casinos here.

Here is a good read that shows how easy it is for these guys to crack encrypted password these days:
You do not have permission to view link Log in or register now.

Both changed. :thumbsup:

Just some terd with nothing better to do! :rolleyes:
 
I have been looking around and it appears vBulletin still uses md5 hashing which is bad (as it considered weak these days) with salt which is good because it forces the hackers to crack one password at a time rather than all of them at once.

Still, the chances are high that your password will be cracked by whoever stole them. Its only a matter of time.
 
Arss wipes, Like others said I thought it was my computer as site been running slow also I wonder if it is the auusie site that is involved?

Saying that my computer has been been on the blink last few days, I ran a check but al was fine, Only the other day miiisooo said he download a casino site and got lot of junk downloaded, marriage sites ect

Also I have just tried to go to forum and got this pop up, Nothing to do with 32red and happened a few times in recent days,

Hope all gets sorted for you and thanks for letting us no
 

Attachments

  • casinome.webp
    casinome.webp
    67 KB · Views: 596
Still, the chances are high that your password will be cracked by whoever stole them. Its only a matter of time.

Does this mean that the best thing to do right now is to change email address?:eek:

Sounds pretty smart now. Get new ones and have one "private" and then have several different at casinos and forums.
 
Just checked my email and its full of spam.

Deposit bonus this, free spins that. Is it your lucky day? What are you waiting for? Why play anywhere else? Play now!! Just give us your f***ing money already!

Come to think of it my inbox always looks like this so probably not related to the hack.
 
Also I have just tried to go to forum and got this pop up, Nothing to do with 32red and happened a few times in recent days

That could be an attack where they inject a hidden iframe into the page and load up a casino site which puts a cookie on your machine and gives them the credit to their affiliate account if you sign up there and deposit. It would explain any slowness because each time you load the page you're actually loading a whole other site at the same time, possibly multiple.

@luckysox... :lolup: assuming you weren't being serious otherwise its more like :eek:
 
Does this mean that the best thing to do right now is to change email address?:eek:

Sounds pretty smart now. Get new ones and have one "private" and then have several different at casinos and forums.

I do have a "casino junk" email account but it isn't essential. What is essential these days to make sure that you do not use the same email address and password combination at multiple sites. If you can't remember all the different passwords write them down or get a password manager like 1password or keepass.
 
This is what I wake up to this morning?:axeman: Is it just me or does there seem to be a whole lotta hacking going on worldwide in the last 12 months more than usual? If this was a coordinated hack then I hope Bryan finds them and strings them up by the you know what.:D Passwords changed. My opinion and my opinion only says this was directed at Casinomeister by someone who has a grudge.
 
Pfff, if I change my password here, that means that I have to change my password on everything else on the net.
Too much work, will do it in a week or two.

Your lacklustre attitude speaks volumes about how naive you are to online security. Using the same password for every site is a huge risk, and then delaying any action is just down right stupid.

Not a great persona to exhibit as a Casino Rep. :what:

- T
 
Your lacklustre attitude speaks volumes about how naive you are to online security. Using the same password for every site is a huge risk, and then delaying any action is just down right stupid.

Not a great persona to exhibit as a Casino Rep. :what:

- T

I believe he was just joking about his memory.
Even reps are human so no need to talk down on him just because of it.

I prefer humans to robots if they are professional when needed:)
 
Your lacklustre attitude speaks volumes about how naive you are to online security.

Um, I think it might have been a joke. Hopefully.
 
That could be an attack where they inject a hidden iframe into the page and load up a casino site which puts a cookie on your machine and gives them the credit to their affiliate account if you sign up there and deposit. It would explain any slowness because each time you load the page you're actually loading a whole other site at the same time, possibly multiple.

@luckysox... :lolup: assuming you weren't being serious otherwise its more like :eek:

I'm a little obsessive about clearing my cookies and delete ones I know I haven't expressly asked for at least 2 or 3 times a day.

These are the cookies added to my computer when I come into this site:

*32red.com
affiliateedge.eu
affiliates.borgatapartners.com
*affiliates.interpartners.com
casinomeister.com
*clubworldgroup.eu
meistermedia.co.uk
*partners.betfredaffiliates.com
tracking.affiliateedge.eu

As far as I remember the starred ones above only started appearing recently, like the last week or less.
 
I'm a little obsessive about clearing my cookies and delete ones I know I haven't expressly asked for at least 2 or 3 times a day.

These are the cookies added to my computer when I come into this site:

*32red.com
affiliateedge.eu
affiliates.borgatapartners.com
*affiliates.interpartners.com
casinomeister.com
*clubworldgroup.eu
meistermedia.co.uk
*partners.betfredaffiliates.com
tracking.affiliateedge.eu

As far as I remember the starred ones above only started appearing recently, like the last week or less.

Same as, Also my computer been acting funny in recent days, Ive done all the necessary tactics to be on the safe side
 
Another day, another password change.... been doing that a lot lately with all the different sites getting hacked. :mad:

So much business and leisure takes place online... pfffttt....
 
Thanks for the notice, Meister.

For the super lazy (like me), here's the link to reset your password: Link Outdated / Removed.

Even if you don't use the same password here as on your email, it's still worth changing. As mentioned in previous posts, it's only a matter of time before the passwords get cracked. At that point, the attacker will try to log onto this forum with your username and password, and post spam under your name. Be kind to yourself. Be kind to everyone else. Change your password.
 
As far as I remember the starred ones above only started appearing recently, like the last week or less.

It sounds like you're suggesting that some of those cookies may belong to whomever hacked the site. If so, that would definitely be a clear fingerprint to uncover who the guilty party is.

Sorry to hear that your site was hacked, Bryan.
 
Well I'm not sure if it's from this site's hacking or not but I just got an email from Super Slimmer (whoever they are) but the email it came from is my email addy. How is it possible to have the same email address for the sender and recipient?
 
Email headers are often forged. It's just a gimmick to get people to open the message. It's more alarming when it says it is from someone who is in your address book, because that means one of you has a compromised mailbox.
 
Possible they logged into your email and sent it to yourself? Or an email spoofing service?

My email password is unique to anything else I do online (casino passwords,forums ect) so they couldn't have gotten it from hacking Casinomeister. But I guess there's software that can hack it so now what do I do? I've had the same email addy for 17 years. I wouldn't even know where to start to change it with all of the sites I belong to. Not sure what an email spoofing service is. Can you please elaborate?
 
Just great! First Ebay and now this!

Good to know it's not just at the casinos where my bad luck run continues.

What's next for goodness sake?

Sorry it had to happen to a nice bloke Bryan. :(
 
Well I'm not sure if it's from this site's hacking or not but I just got an email from Super Slimmer (whoever they are) but the email it came from is my email addy. How is it possible to have the same email address for the sender and recipient?

There is ways around to send email and get it as from your self, I member a good few years back 24x used to do free sms and could send message to somebodys phone from any persons number, so you could send a message to your mate and put in another mates number, I do not think its ever been legit but they soon stooped it, Again theres probs ways around that now also but was simple as to put in there numbers and text b4 :)
 
Email spoofing is pretty much what airwave said. It's forging the header or sender information to make an email look like it has come from somewhere else. Usually with the intention of getting you to open it and trust the content more. It's an old trick that's been going on for years. A lot of the time these days they are usually used to try and circumvent junk mail filters etc.
 
Thanks Captain and airwave. Most likely is a spoofing service by the look of it then. Was worried for a minute there that I was hacked. Thanks for your input. Much appreciated. I'll post again if anything else happens
 
Also I have just tried to go to forum and got this pop up, Nothing to do with 32red and happened a few times in recent days,

Hope all gets sorted for you and thanks for letting us no
Damn 32Red guys - dodgy as hell :mad:

:p

That's associated with the script for their leader board which is actually located in the middle of the right panel. You may have clicked from one page to another too quickly and the script didn't have a chance to properly load. You're too fast for the hamster. :D

As for the cookies that you might find, you'll get those when you click links to those sites - they are pretty innocuous.
 
There is ways around to send email and get it as from your self, I member a good few years back 24x used to do free sms and could send message to somebodys phone from any persons number, so you could send a message to your mate and put in another mates number, I do not think its ever been legit but they soon stooped it, Again theres probs ways around that now also but was simple as to put in there numbers and text b4 :)

E-mail is an inherently insecure method of communication, when connected directly with an email server you are able to specify any "from" text you like, luckily though these days most providers automatically detect these 'forged headers and mark the message as spam.

Also re 24x, am pretty certain you can still send SMS with fake from text now if you buy credits, we used to send adverts for our club nights from "mum" which was pretty funny at the time..:)
 
Wow these guys will try anything. This time I got an email from myself but apparently I'm Skrill now lol. Is there any way to stop this spoofing crap or am I gonna have to close down my email and get a new one? Do you think they'll give up when they realize I'm not falling for it?
 
just wondering for the last couple of days while i,m reading a thread everytime i would hit it to go to the next page it would take me to double down casino on

facebook and i would have to close that page so i could get to the next page. i thought maybe this was done to get people to play at double down casino i just could,nt

understand why casinomeister was doing it?

so i take it that this also was caused by this site being hacked?
 
Wow these guys will try anything. This time I got an email from myself but apparently I'm Skrill now lol. Is there any way to stop this spoofing crap or am I gonna have to close down my email and get a new one? Do you think they'll give up when they realize I'm not falling for it?

I'm not aware of anything much you can do about it other than to ask your host/email provider to block the offending IP address.
 

Users who are viewing this thread

Accredited Casinos

Read about our rating system and how it's done.
Back
Top