Wrong season for wearing leathers.

Pretty much what was said already.

Site went down on July 4th. I logged in and saw nothing. Literally nothing.

Contacted the server company. Waited two days for a response and they said it all looked good. Huh? Good? There is no website. No reply from them.

Got Lrrpie involved. He knows this stuff. We both started digging through the server and found a ransom file that stated they wanted money via bitcoin or else they would release the files to the public. Checked and double checked the logs. They didn't get into the server via hacked passwords or traditional methods. Definitely a hole in the software.

So in lies the problem. Have backups, but can't just slap back up the software that they hacked.

Put on the latest and greatest software with no issues onto a new server that we also know has not been compromised. We are good now. Now comes the task of trying to import some of the old stuff, but safely and carefully. Have to go through it to make sure nothing in it is wrong also. Can't poison the new server nor do we know when it all truly happened.

Basically we had to make the decision to either stay down and work on this for who knows how long (in our spare time, we do have full time jobs) or we get the site back up and running and it gives us an excuse to just make it even more awesome.

Went that route.

Woah. Carter is back to being Red Green!

eek. Where can we find them when they are published? :P

Nice to see it back up, logged on to AO for the first time in ages to see what happened.

For some of us, it might be a good thing old opinions (bad) and old jokes (can reuse!) have all disappeared. It will be a shame of some of the old knowledge is lost though...

Very sorry to hear it. About 10yrs ago or so I had a decent cigar forum and fairly popular review site. Hackers got in via holes in the PHPBB software. I went the same route as you and just scrapped the forum. Very painful decision, no good options. A couple of years ago I gave up after another series of attacks that infected the rest of the site.

Long story short, I applaud you for not giving in. F those guys!

Wait, they threatened to release the files of an open, public forum... to the public?

Or did they mean they'd release the names and passwords? Names being irrelevant in this age of Facebook, and 95% of the passwords would be useless the day they were released (having been used only for that site) and the other 5% would be changed and thus invalidated in short order.

Good to know you have backups, though.

Doc.

Would have been a great time to rename the site. Maybe something more cosmopolitan, like city of paintball or . . .

Dumb question but important. Membership and dues? I would gladly pay fresh with the restart. Just want to ensure the site remains viable. And happily contribute to a bounty for the hackers right index finger.

For what its worth, I've had 2 legitimate websites send me this message this weekend:

Could be unrelated to the MCB hack, but yes, does seem like they released to the public.

How can there NOT have been a back up?

I think he said there was definitely backups, but he thinks the forum software itself is vulnerable. In that case, it would be irresponsible to put up the backup knowing it could be a risk

Right? So the passwords were all protected - so much so that even I could not see them. That's why when people asked, all I could do is reset it, not tell them their password.

I did have a lot of private files on the server - but nothing raunchy nor anything that would come back and bite me if made public, so I'm not really concerned there either - plus I have back ups of it all and that folder is now on my desktop.

As for the memberships, we will get all that up and running back next week. Working through one step at a time. When you had many many years of simple modifications you get used to having access to, it take a while to add them all back in.

I suppose the moderator forums, the member section, and PMs could be made public. But what clown is going to wade through that ocean looking for mildly embarrassing quips

Sooooo many times I wanted to point this out in response to hand-wringing, whiny posts on the Facebook group, but as I said to Wade, I figured it would have the same effect as tossing water on a grease fire