19.09.2011, 13:57
A note: This is regarding the forum of a server
Hello,
I am the co-owner of a server called swat4samp. Recently we have had several forum admin accounts getting hacked on our forum. I've tried everything I could think of to prevent this. Really important threads got removed due to the hacker. The hacker tried to hack every admin, but somehow he failed. Every admin on the forum got an email someone wanted to reset his/her password. Then the first hacker came. They didn't reset the password by the way. After I got rid of the hacker by blocking his IP and his IP range, I made topics about every admin should change their password with special symbols in it. They did it, but then the next one got hacked. (That admin didn't change his password). Then more important threads got removed. I had almost every admin to change their password after that. We thought the hacker was gone. but after 4 days he came back and hacked the next admin (today), which removed even more important threads from the admin section.This day we all received a password reset mail again, and we ignored it.
I did some research and found out those IPs hacked admin accounts:
74.63.112.144 (Range banned)
204.45.*.*
184.154.*.*
173.0.0.205 (Range banned)
First I thought they were proxies, but when I did a proxy check they weren't. They are all direct to Chicago, USA.
So this guy might be setting up VPN's to hide his password.
I am afraid more admins will get hacked, so how will I prevent them from getting hacked again? One of them had their password as secret question, which was the way how he hacked them. But somehow if people receive a password reset mail, they get hacked.
The guy also tries to send keyloggers, I told everyone to not download files they don't trust or enter websites they don't trust. They all said they didn't, but they do get hacked.
How can I stop this, prevent this?
Thanks for your help.
p/s I'd like people to help me who know what they are doing and knowing stuff about hacking.
Hello,
I am the co-owner of a server called swat4samp. Recently we have had several forum admin accounts getting hacked on our forum. I've tried everything I could think of to prevent this. Really important threads got removed due to the hacker. The hacker tried to hack every admin, but somehow he failed. Every admin on the forum got an email someone wanted to reset his/her password. Then the first hacker came. They didn't reset the password by the way. After I got rid of the hacker by blocking his IP and his IP range, I made topics about every admin should change their password with special symbols in it. They did it, but then the next one got hacked. (That admin didn't change his password). Then more important threads got removed. I had almost every admin to change their password after that. We thought the hacker was gone. but after 4 days he came back and hacked the next admin (today), which removed even more important threads from the admin section.This day we all received a password reset mail again, and we ignored it.
I did some research and found out those IPs hacked admin accounts:
74.63.112.144 (Range banned)
204.45.*.*
184.154.*.*
173.0.0.205 (Range banned)
First I thought they were proxies, but when I did a proxy check they weren't. They are all direct to Chicago, USA.
So this guy might be setting up VPN's to hide his password.
I am afraid more admins will get hacked, so how will I prevent them from getting hacked again? One of them had their password as secret question, which was the way how he hacked them. But somehow if people receive a password reset mail, they get hacked.
The guy also tries to send keyloggers, I told everyone to not download files they don't trust or enter websites they don't trust. They all said they didn't, but they do get hacked.
How can I stop this, prevent this?
Thanks for your help.
p/s I'd like people to help me who know what they are doing and knowing stuff about hacking.
