Sun, Nov 10, 8:49 AM CST

Renderosity Forums / Poser - OFFICIAL



Welcome to the Poser - OFFICIAL Forum

Forum Coordinators: RedPhantom

Poser - OFFICIAL F.A.Q (Last Updated: 2024 Nov 10 8:20 am)



Subject: Has DAZ been hacked?


steerpike ( ) posted Wed, 16 February 2005 at 4:16 PM · edited Sun, 10 November 2024 at 8:41 AM

I've just tried to access DAZ3D, and got a blank page except for the message below;

'hax0rs lab ownz you - hax0rs@email.com'

I've tried both in Firefox (with account cookies set) and IE (no cookies set) with the same result. Is anyone else getting this?

Message edited on: 02/16/2005 16:17


pokeydots ( ) posted Wed, 16 February 2005 at 4:19 PM

I was just there and had no problems

Poser 9 SR3  and 8 sr3
=================
Processor Type:  AMD Phenom II 830 Quad-Core
2.80GHz, 4000MHz System Bus, 2MB L2 Cache + 6MB Shared L3 Cache
Hard Drive Size:  1TB
Processor - Clock Speed:  2.8 GHz
Operating System:  Windows 7 Home Premium 64-bit 
Graphics Type:  ATI Radeon HD 4200
•ATI Radeon HD 4200 integrated graphics 
System Ram:  8GB 


Xena ( ) posted Wed, 16 February 2005 at 4:20 PM

Forum is still working, but yeah I got the same message :( http://forum.daz3d.com/


redhorse ( ) posted Wed, 16 February 2005 at 4:20 PM

Yep, they've been hacked. I'm getting the same message.


sandoppe ( ) posted Wed, 16 February 2005 at 4:21 PM

Looks like they were, but they seem to be back now. I got the same message, but it cleared up very quick. From your posting times, it doesn't appear that it was very long.


Ardiva ( ) posted Wed, 16 February 2005 at 4:22 PM · edited Wed, 16 February 2005 at 4:26 PM

Just checked it again after seeing your post. No problem here, using Firefox. Haven't had a problem with it all day.

Weird thing.

Message edited on: 02/16/2005 16:26



artistheat ( ) posted Wed, 16 February 2005 at 4:23 PM

No problem here....DAZ GOT KIDNAPPED!!..lol


sandoppe ( ) posted Wed, 16 February 2005 at 4:33 PM

Yes.....but their Kung Foo is very strong! :)


Sombraweblab1 ( ) posted Wed, 16 February 2005 at 4:39 PM

How about the user's personal data (creditcard nunmber and stuff) can the hackers got that?


Aeneas ( ) posted Wed, 16 February 2005 at 4:47 PM

If they tried to get in, I don't think it was for the sandwiches or the beer. Sorry: Coke as Daz is a family site. No beer...

I have tried prudent planning long enough. From now I'll be mad. (Rumi)


kuroyume0161 ( ) posted Wed, 16 February 2005 at 4:50 PM

I certainly hope not!!!

C makes it easy to shoot yourself in the foot. C++ makes it harder, but when you do, you blow your whole leg off.

 -- Bjarne Stroustrup

Contact Me | Kuroyume's DevelopmentZone


Khai ( ) posted Wed, 16 February 2005 at 4:54 PM

" Yes.....but their Kung Foo is very strong! :)" erm no. their kungfu is very weak. they got hit by the virus that did the rounds 3 weeks ago. everyone else patched.. they did'nt? very very strange....


sandoppe ( ) posted Wed, 16 February 2005 at 4:57 PM

It's one of the reasons I never store credit card information anywhere, but I would guess that DAZ has lots of firewalls you have to go through to get to that kind of information. I wouldn't worry about it. Whoever hacked DAZ's main page is probably not after anything other than to try and start some controversy and make a name for themselves. A really good hacker and a thief would not have left a message behind. This is just someone trying to get attention.....the lame little prick :)


Sarte ( ) posted Wed, 16 February 2005 at 5:26 PM

I don't see any message there.

Do the impossible, see the invisible

ROW ROW FIGHT THE POWER

Touch the untouchable, break the unbreakable

ROW ROW FIGHT THE POWER



randym77 ( ) posted Wed, 16 February 2005 at 5:33 PM

They fixed it pretty quickly.


Sileen ( ) posted Wed, 16 February 2005 at 6:17 PM

Did DAZ publicly announce this in a thread somewhere, Khai? If not, I'm wondering where you're getting your information. Did I miss something? blinks It's possible I missed something. Where is the thread where DAZ explains this about some virus?


cooler ( ) posted Wed, 16 February 2005 at 6:44 PM · edited Wed, 16 February 2005 at 6:49 PM

Attached Link: http://forum.daz3d.com/viewtopic.php?t=15162

This was just posted up at DAZ...

*"Hello, everyone. DAZ has asked me to make an explanatory post regarding this issue, since I was contacted to assist their system administration team with the forensics and I located the "root cause" of the intrusion to their server.

Essentially, at 13:09:09, a computer in Brazil connected to the DAZ website and exploited a security vulnerability in a commonly used statistical analysis package for web logs. An exploit existed that would allow a carefully crafted string to write or overwrite a file that the parsing script had permissions to. The attackers used this to create an 'index.html' page on the web server containing the message.

There's no evidence whatsoever to suggest the people responsible had any ability to read any data from the server. Moreover, because of the method used, we have a full log of every command issued, and we have a list of all files that were modified - and the only they thing touched was creating the spurious index.html.

While DAZ takes every security incident seriously, and will be working with the proper authorities to respond to this incident, that even in a much more serious compromise there are actually several more hurdles that would have to be assailed by a would-be attacked to get access to any sensitive information. The credit card information entrusted to DAZ is protected by absolutely draconion security measures and is designed to be inaccessible to anyone - even DAZ employees."* edited to add URL

Message edited on: 02/16/2005 18:49


Khai ( ) posted Wed, 16 February 2005 at 7:03 PM

" Did DAZ publicly announce this in a thread somewhere, Khai? If not, I'm wondering where you're getting your information. Did I miss something? blinks It's possible I missed something. Where is the thread where DAZ explains this about some virus?" a few weeks ago a virus leaving a similar msg hit about 75% of all the PHP boards on the net... it was a hellva attack since the estimates ran to about 20,000 boards taken down. I was thinking it was the same virus. and reading that explanation above, I still think it could have been, since they described a similar loophole to the one the virus was exploiting.


Sileen ( ) posted Wed, 16 February 2005 at 9:15 PM

Could have been, but your previous statement was stating it as fact like you knew. Thanks for the clarification


Khai ( ) posted Wed, 16 February 2005 at 9:38 PM

new information changes outlooks you know ;) note the 2 hours between my statements of seeing what was a very similar attack to when Daz posted their explanation ;)


Sileen ( ) posted Wed, 16 February 2005 at 9:57 PM

Well, I didn't know if you were trying to state an outlook, or fact. You seemed to state it as fact, so I wanted to know where you got your information from. You should use the words "I think" or "my opinion" instead of "They got!"


Khai ( ) posted Wed, 16 February 2005 at 10:00 PM

and maybe you should take your opinion to someone that cares?


Sileen ( ) posted Wed, 16 February 2005 at 10:07 PM

I was making a SUGGESTION so you could avoid confusion. Ease off.


Khai ( ) posted Wed, 16 February 2005 at 10:13 PM

erm? you jumped on me remember? you ease off. I was being friendly until you tried to tell me what I should have said. that is actually quite rude.


Lyrra ( ) posted Wed, 16 February 2005 at 10:35 PM

both of youse need to go and take a deep breathe and chill out :) DAZ got hit ..they fixed it fast. End of story. This happens. And now whomever did this has a couple hundred cranky poserholics after them .. I'd feel sorry for the dude in Brazil actually. lol Lets sic Dodger on 'em! serves 'em right Lyrra



sandoppe ( ) posted Wed, 16 February 2005 at 10:53 PM

I agree Lyrra :) The only advise I have for DAZ is: quit using that damned Microsoft web log software!! :)


milamber42 ( ) posted Wed, 16 February 2005 at 11:16 PM

@sandoppe LOL It took me a bit to remember the "Kung Fu" reference.


XENOPHONZ ( ) posted Wed, 16 February 2005 at 11:37 PM

Hack0erz Boyz Ownz Youz!!!!!!!

Youz isz deadz meatz!!!!

Wez bez coolz becausez wez spellz everthingz withz zzzzzzzzzzz's(z)!!!!!!!

Actuallyz, Iz hasz az speechz impedimentz.

Hack0erz Boyz notz tooz brightz!!!!!! Notz knowz howz toz talkz tooz goodz..........spendz tooz muchz timez watchingz Starz Trekz, andz dreamingz aboutz beingz da Bigz Badz Manz!

Yeahz, Iz Coolerz thanz youz....evenz thoughz Iz weighsz 90z poundsz soakingz wetz.

Iz wetz da bedz, tooz. Da bigz meanz boyz alwaysz pickin'z onz mez!!!!!!

Iz getz myz revengez onz thez worldz!!!!! Iz Hack0erz Bigz Badz Dudez!!!!!!!!

Iz rulez!!!!!!!!!!!

Something To Do At 3:00AM 



sandoppe ( ) posted Wed, 16 February 2005 at 11:41 PM

milamber42 ;) Fortunately for DAZ, that Brazilian is no where near as capable as Rat! :)


macdubhgal ( ) posted Thu, 17 February 2005 at 1:05 AM

milamber42?? Do we know each other from another site? I can't imagine Milamber is a common name...


lmckenzie ( ) posted Thu, 17 February 2005 at 1:16 AM

"...quit using that damned Microsoft web log software..." I assume you were joking. If not, be advised that: According to Netcraft: "http://www.daz3d.com was running Apache on FreeBSD when last queried at 17-Feb-2005 07:10:03 GMT" Also the Brazilian stats hack apparently attacks a program named AWstats, definitely not a Microsoft product. Microsoft did cause the tsunami though.

"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken


kuroyume0161 ( ) posted Thu, 17 February 2005 at 1:24 AM

lmckenzie, Bill Gates is sending his Geek-Squad to 'panzy' you as...we...speak!!! ;) - On a serious note, was this a PHP forum hack? Seems that phpBB is getting alot of attention from the script kiddies lately.

C makes it easy to shoot yourself in the foot. C++ makes it harder, but when you do, you blow your whole leg off.

 -- Bjarne Stroustrup

Contact Me | Kuroyume's DevelopmentZone


lmckenzie ( ) posted Thu, 17 February 2005 at 2:17 AM

Attached Link: http://www.blogherald.com/2005/02/03/awstats-exploit-downs-blogs

Here's the first reference I found--nothing about PHP so it's different from that one. I'm sure Bill is cackling to see open source getting bitch-slapped for a change though. Too late for the Geek-Squad. I already drank the Kool-Aid and had the chip implanted. It was a mighty big suppository too.

"Democracy is a pathetic belief in the collective wisdom of individual ignorance." - H. L. Mencken


Ben_Dover ( ) posted Thu, 17 February 2005 at 2:53 AM

This even happened to phpBB.com. Sounds like the same group was responsible. I read a little about it as soon as it happened since I have a server with AWStats. It was via an exploit in the AWStats program, an app that generates web stats for bandwidth, referrers, etc. Cpanel includes AWStat in the package so I asked around about that too. The compromise is only in the standalone version of AWStats before version 6.2 so those of you with web sites and using the standalone (not the cpanel version) better upgrade. While you're at it make sure your host/provider is using the latest version of php as well as there's another exploit there (hear that DAZ?). For what it's worth, phpBB.com was down for a few days. Apparently it really harshed their server, not just the index page. So good going DAZ, way to recover fast. Of course, an ounce of prevention is worth a pound of cure.... ;)


Privacy Notice

This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.