IJDB webmaster here - yes, that's pretty much how it happened. The site was hacked on a few occasions. While the first hacks were a threat to the site and the infrastructure, the ones that followed were a threat to the users.
Much as I loved the site (I can't being to imagine how many hours I spent on the code!), the responsible thing to do was turn it off. Which we did!
While I was a little unsure as to whether that was the right thing to do at the time, I am now certain that it was.
Not sure what all this gibberish about a trojan is though, I certainly wasn't aware of that. The attacks I recall were one that used a poorly configured file upload page to upload malicious scripts, and the final one, a SQL injection attack plus rainbow tables which allowed the attacker to obtain passwords.
- Colin E.
↧
Post by Colin E.
↧