We Had A Problem Here at Insomniacs Lounge

lanidar

Dormant account
Joined
Sep 5, 2003
Location
Avenel, New Jersey
We had A Problem Here
--------------------------------------------------------------------------------
On October 23, 2004 - A criminal scored another target by deleting this entire forum. Nothing left what so ever. I can think of one reason only, why someone would do that to a posting forum and that is, a post must have been made against him that he didn't want anyone reading, so instead of just deleting the post, he decides to delete the forum.

The HACKER went in and used Lanidar2000, who is an Administrator to do his dirty work. Then before leaving Insom, he changed my password so that I couldn't log in!


It isn't costing Insomniacs Lounge one thing but a little time to put back the banners, links and forums and let the posting start again. I'm just relieved that what happened here isn't anything like what happened to this place:::

In February 2003, Russian organized crime scored another target by taking control of Grafix Softech, the largest Internet gaming enterprise that operates 120 gambling websites. The shutdown was devastating. According to Juan Bonilla, executive vice president of Grafix Softech, located in San Juan, Costa Rica, �The payoff to restore service was insignificant compared to loss of data containing names of customers and other operational records destroyed once the DOS attacks were unleashed.� In a miraculous feat, Bill Margeson, president of CBL Data Recovery Technologies, and staff technicians recovered the valuable data. They discovered the Russian criminals had bypassed firewalls and other security systems and inserted a virus into the five servers that Grafix used for online operations. �It was akin to hacking into the Pentagon,� Margeson told investigators.

Now isn't that a shame, that something like that happened to the owner of Grafix Softech, located in San Jose Costa Rica, just horrible! And I'm sure he's such a great guy that he would never consider doing anything harmful against or to another person.

By the way, I checked the log files, and here is the IP of the person responsible for deleting Insomniacs Lounge 65.182.30.15. And what a coincidence, it traces back to Costa Rica.

Information on trace:

American Registry for Internet Numbers

North America, South America, the Caribbean and sub-Saharan Africa

AMNET US AMNET-BLK4 (NET-65-182-0-0-1)
65.182.0.0 - 65.182.31.255
Radiografica Costarricense SA AMNET-BLK4-CR-RACSA-02 (NET-65-182-11-0-1)
65.182.11.0 - 65.182.30.255

# ARIN WHOIS database, last updated 2004-10-23 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
AMNET US AMNET-BLK4 (NET-65-182-0-0-1)
65.182.0.0 - 65.182.31.255
Radiografica Costarricense SA AMNET-BLK4-CR-RACSA-02 (NET-65-182-11-0-1)
65.182.11.0 - 65.182.30.255

Strange, isn't it?
 

caruso

Banned User - repetitive violations of 1.6 - troll
Joined
Jan 16, 2002
Location
England
Blimey, Lanidar, how incredibly f*****d up. I'm sorry to hear that, and that you've evidently lost the entire contents of the forum. What could the motivation of the malicious bastard have been? If it was a rogue casino operator they must be used to bad press so to single you out seems bizarre. How pathetic.

Couldn't you have backed up the forum contents somehow, so as not to lose everything in the event of a disaster like this?
 

bethug

Banned User - Winner of the "<a href="http://www.c
Joined
Apr 20, 2003
so sorry, I had the same thing happen to my site, one of the rogue casino reported me , for reporting them slow pay.
 

bethug

Banned User - Winner of the "<a href="http://www.c
Joined
Apr 20, 2003
john , do u use the same password , that u use at one of a rtg casino?
 

Sodax77

Dormant account
Joined
Apr 15, 2004
Location
EU|FI
That really sucks! Shame on this person!

Btw, i use this tiny program (45kb)
You do not have permission to view link Log in or register now.


And here is result:

IP Addresses Report


Created by using IPNetInfo
Order 1
IP Address 65.182.30.15
Status Succeed
Country USA - Florida
Network Name AMNET-BLK4-CR-RACSA-02
Owner Name Radiografica Costarricense SA
From IP 65.182.11.0
To IP 65.182.30.255
Allocated Yes
Contact Name Radiografica Costarricense SA
Address Avenida 5 Calle 1
San Jose

Email kopper@racsa.co.cr
Abuse Email inetcontact@amnetus.com
Phone +1-954-346-0324
Fax
Whois Source ARIN

_________________________________________

Address: Avenida 5 Calle 1
City: San Jose
StateProv:
PostalCode: SJ 54-1000
Country: CR

NetRange: 65.182.11.0 - 65.182.30.255
CIDR: 65.182.11.0/24, 65.182.12.0/22, 65.182.16.0/21, 65.182.24.0/22, 65.182.28.0/23, 65.182.30.0/24
NetName: AMNET-BLK4-CR-RACSA-02
NetHandle: NET-65-182-11-0-1
Parent: NET-65-182-0-0-1
NetType: Reassigned
NameServer: DNS1.RACSA.CO.CR
NameServer: DNS2.RACSA.CO.CR
Comment:
RegDate: 2004-06-03
Updated: 2004-06-03

TechHandle: KOPPE-ARIN
TechName: Kopper, Luis
TechPhone: 506-287-0446
TechEmail: kopper@racsa.co.cr

OrgTechHandle: KOPPE-ARIN
OrgTechName: Kopper, Luis
OrgTechPhone: 506-287-0446
OrgTechEmail: kopper@racsa.co.cr

# ARIN WHOIS database, last updated 2004-10-23 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
 

snuf419

Dormant account
Joined
Mar 22, 2003
My $10,000 says one of them evil RTG's did it.
Not a hacker or anything, just a CSR who happened to locate your account and knew you had a website.
 

GrandMaster

Ueber Meister
CAG
Joined
Jan 21, 2004
Location
UK
snuf419 said:
My $10,000 says one of them evil RTG's did it.
Not a hacker or anything, just a CSR who happened to locate your account and knew you had a website.
The normal procedure is that only an encrypted version of the password is stored, so that nobody can find out your password without devoting some serious computing effort to it. A customer service rep can set your password if you forget it, but he cannot tell you what your password was. I would be shocked if RTG used such an insecure method as storing the passwords in plaintext.
 

jetset

RIP Brian
CAG
Joined
Feb 22, 2001
Location
Earth
That's a real bummer for you and Jinnia, Lanidar and I sympathise with you. Frustrating not knowing what information they had as their primary target, but presumably you have briefed all your Insomniac members and perhaps one of them will come up with something that will give you a lead. It certainly is a mean world we're in!

May we use this in InfoPowa as a reminder to other sites that tight security and protective screening are critically important?
 

Petunia

Dormant account
Joined
Sep 22, 2004
Location
Woman lives in London
Laddinar & Jinnia,
So bloody sorry so hear about this. Who would do it? Anyone really with a sick sense of self-satisfaction. A ego tripper, a child.
I am glad to hear that you guys have not lost financially, but then, I do believe time is money!! (Worth in gold !)
I wish you best of fortune in catching this person, and may he/she/it burn in an infernal hell of capturing data in purgatory.
That, or the flees of a thousand camels invest the pubic area and their hands turn into hooks.
Either way, I hope it is unpleasant!
--- Please let me know if there is anything I can try and assist with. Might be a ditz, but I am a ditz with loads of knowledge! ----
 

lanidar

Dormant account
Joined
Sep 5, 2003
Location
Avenel, New Jersey
jetset said:
May we use this in InfoPowa as a reminder to other sites that tight security and protective screening are critically important?
You cetainly may...and thank you for your advice.

AND...thank you Petunia and everyone else that wishes us well. :notworthy
 
Last edited:

jinnia

Dormant account
Joined
Mar 7, 2003
Location
Bite, ME
Thank you jetset and Petunia.

Forum is all back, except for the posts. We'll just make better ones this time around :thumbsup:

There's an hour and 13 minute time frame from Insom being deleted to lanidar receiving an email from a CERTAIN person in Costa Rica, with the email being sent before the deletion started.

The IP in the log file traces back to Costa Rica.

Nothing 100% positive, but we know, too many coincidences.
 

jetset

RIP Brian
CAG
Joined
Feb 22, 2001
Location
Earth
QUOTE: There's an hour and 13 minute time frame from Insom being deleted to lanidar receiving an email from a CERTAIN person in Costa Rica, with the email being sent before the deletion started.UNQUOTE

What was the content of that email, Jinnia? Any references to the event?
 

lanidar

Dormant account
Joined
Sep 5, 2003
Location
Avenel, New Jersey
Here's the email.

jetset said:
QUOTE: There's an hour and 13 minute time frame from Insom being deleted to lanidar receiving an email from a CERTAIN person in Costa Rica, with the email being sent before the deletion started.UNQUOTE

What was the content of that email, Jinnia? Any references to the event?
Here is the email that was sent to me. Has NO references to the event.
Now, this was sent to the email address I have at Insom. NOT the email address I use for personal use and for registering at casinos.

Hello John,

Please contact me at 1-888-824-6874 or give me a contact number where I can reach you.

Regards,

General Manager
Virtual Casino

THAT'S IT!!! :confused:
 

lanidar

Dormant account
Joined
Sep 5, 2003
Location
Avenel, New Jersey
chucho said:
Have you had a problem with Warren Cloud / Oliver Curran lately?
No...not at all.
Besides this led us to Costa Rica and the following post was made by Jinnia at Insom...

Now isn't that a shame, that something like that happened to the owner of Grafix Softech, located in San Juan Costa Rica, just horrible! And I'm sure he's such a great guy that he would never consider doing anything harmful against or to another person.

By the way, I checked the log files, and here is the IP of the person responsible for deleting Insomniacs Lounge 65.182.30.15. And what a coincidence, it traces back to Costa Rica.

Information on trace:


American Registry for Internet Numbers

North America, South America, the Caribbean and sub-Saharan Africa

AMNET US AMNET-BLK4 (NET-65-182-0-0-1)
65.182.0.0 - 65.182.31.255
Radiografica Costarricense SA AMNET-BLK4-CR-RACSA-02 (NET-65-182-11-0-1)
65.182.11.0 - 65.182.30.255

# ARIN WHOIS database, last updated 2004-10-23 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
AMNET US AMNET-BLK4 (NET-65-182-0-0-1)
65.182.0.0 - 65.182.31.255
Radiografica Costarricense SA AMNET-BLK4-CR-RACSA-02 (NET-65-182-11-0-1)
65.182.11.0 - 65.182.30.255

Strange, isn't it?
 

jinnia

Dormant account
Joined
Mar 7, 2003
Location
Bite, ME
Just checked www.prismcasino.com, all information has changed. BUT, I did find something strange when performing an indepth tracert on the new IP that shows. I'm checking and rechecking to make sure before saying anything. I just hope it turns out that I am wrong in my initial find :mad: .
 

jetset

RIP Brian
CAG
Joined
Feb 22, 2001
Location
Earth
Lanidar, did you call this person at Virtual back to see what he wanted you to call him for? If so, what did he have to say?
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

Top