Page 1 of 2 12 LastLast
Results 1 to 20 of 36
  1. #1
    MichaelCorfman's Avatar
    MichaelCorfman is offline GPWA Executive Director
    Join Date
    June 2004
    Location
    Newton, MA
    Posts
    4,288
    Thanks
    915
    Thanked 5,554 Times in 1,791 Posts

    Angry GPWA Website Now Operational

    I am very pleased to announce that the GPWA website is operational once again.

    We were hit by a very severe ransomware attack about 3am EST Monday, 21 October 2019.

    We reported the attack to the FBI and are providing information about the attack to the division of the FBI responsible for investigating and responding to this type of criminal activity.

    We do not believe the attack targeted the GPWA, or that any potential vulnerabilities in the GPWA website were exploited in the attack. Rather, we believe the impact on the GPWA website was collateral damage.

    We implemented many security measures within the GPWA website years ago. For example, access to the the forum administrative interface is restricted to those connected to our internal network, either physically or through VPN. And we have active monitors that look for any instances of elevated forum privileges on a continuous basis and report them for action immediately. There are also many other security measures in place, although, for obvious reasons, I don't want to provide extensive documentation regarding our security measures in a publicly available post.

    Michael

    Please note: the original version of this thread with more details has been moved to the private forums in the following thread:


    GPWA Website Now Operational - Private Discussion


    We decided that some details of the ransomware attack and our response are better kept within the private forums.
    GPWA Executive Director, Casino City CEO, Friend to the Village Idiot

    Resources for Affiliates: iGamingDirectory.com, iGamingAffiliatePrograms.com, GamingMeets.com

  2. The Following 28 Users Say Thank You to MichaelCorfman For This Useful Post:

    allaboutthebets (26 October 2019), AmyWilson (4 November 2019), Anthony (27 October 2019), AussieDave (26 October 2019), Betreels Casino (27 October 2019), BettingGods (28 October 2019), big fish (28 October 2019), Brokkoli (27 October 2019), Cash Bonus (26 October 2019), casinoportal (26 October 2019), drifter8 (27 October 2019), GPWA Maria (29 October 2019), holkapolka (31 October 2019), infopoker (27 October 2019), jack-SA (29 October 2019), lemerClem (28 October 2019), Malikbhai (26 October 2019), oc+ (5 November 2019), ocreditor (28 October 2019), PromoteCasino (26 October 2019), sweetbet (26 October 2019), Syndicate (12 November 2019), The Buzz (26 October 2019), TheGamblersClub (26 October 2019), TheGooner (26 October 2019), Tomas_4578 (12 November 2019), vardan (28 October 2019), Zuga (28 October 2019)

  3. #2
    Malikbhai is offline Public Member
    Join Date
    September 2017
    Posts
    586
    Thanks
    157
    Thanked 328 Times in 207 Posts

    Default

    If it impacted desktops, then my hunch is the attackers got in through email attachments. This is very typical of a ransomware attack.

    Because, the web servers are pretty secure if they're based on linux, with strong passwords.

    By the way; could this be related to the vbulletin exploit recently released to the public in September?

    Comodo SSL was attacked https://www.theregister.co.uk/2019/1...lure_to_patch/

  4. #3
    Cash Bonus's Avatar
    Cash Bonus is offline Private Member
    Join Date
    May 2014
    Posts
    4,324
    Thanks
    8,208
    Thanked 2,611 Times in 1,884 Posts

    Default

    Congratulations and itís good to see GPWA back up and running again.

  5. #4
    sweetbet's Avatar
    sweetbet is offline Public Member
    Join Date
    November 2012
    Posts
    2,820
    Blog Entries
    5
    Thanks
    898
    Thanked 1,574 Times in 1,087 Posts

    Default

    Congratulations for getting the site and network back up and running again.
    Last edited by MichaelCorfman; 27 October 2019 at 6:21 pm. Reason: Edited to removed content from the public forum that has been retained in the private forum version of this thread.

  6. The Following User Says Thank You to sweetbet For This Useful Post:

    PokCas (26 October 2019)

  7. #5
    universal4's Avatar
    universal4 is online now Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    29,118
    Thanks
    2,536
    Thanked 8,177 Times in 5,177 Posts

    Default

    Servers set up properly are secure whether linux or Windows, but this is certainly not the place to debate that, but I agree most attacks of this nature are predominantly done through emails etc and have a source on the lan from desktops.

    Glad to see things are back up and running, the jerks behind any of these attacks around the world should be caught and suffer severe penalties.

    Rick
    Universal4
    Last edited by MichaelCorfman; 27 October 2019 at 6:22 pm. Reason: Edited to removed content from the public forum that has been retained in the private forum version of this thread.

  8. The Following 3 Users Say Thank You to universal4 For This Useful Post:

    allaboutthebets (27 October 2019), Cash Bonus (27 October 2019), PokCas (26 October 2019)

  9. #6
    Nenad is offline Public Member
    Join Date
    June 2019
    Posts
    547
    Thanks
    311
    Thanked 155 Times in 128 Posts

    Default

    Quote Originally Posted by universal4 View Post
    Servers set up properly are secure whether linux or Windows, but this is certainly not the place to debate that, but I agree most attacks of this nature are predominantly done through emails etc and have a source on the lan from desktops.

    Glad to see things are back up and running, the jerks behind any of these attacks around the world should be caught and suffer severe penalties.


    Universal4
    Totally agree, those kind of people should get a severe penalties! Good to see the GPWA back again!
    Last edited by MichaelCorfman; 27 October 2019 at 6:23 pm. Reason: Edited to removed content from the public forum that has been retained in the private forum version of this thread.

  10. #7
    Malikbhai is offline Public Member
    Join Date
    September 2017
    Posts
    586
    Thanks
    157
    Thanked 328 Times in 207 Posts

    Default

    Yea, but not much can happen in places like Russia, Ukraine and China; the hubs of cybercrime. I am willing to bet the attack must have come from one of these three.

  11. #8
    universal4's Avatar
    universal4 is online now Forum Administrator
    Join Date
    July 2003
    Location
    Courage is being scared to death...and saddling up anyway. John Wayne
    Posts
    29,118
    Thanks
    2,536
    Thanked 8,177 Times in 5,177 Posts

    Default

    I personally feel that eventually if there is not more done in the countries that have the reputations of no action or strategy to limit it more, then the cooperation between those countries and others may suffer in economics, trade etc.

    Rick
    Universal4

  12. #9
    Integrity's Avatar
    Integrity is offline Private Member
    Join Date
    September 2002
    Location
    Vegas State of Mind
    Posts
    1,624
    Blog Entries
    76
    Thanks
    875
    Thanked 996 Times in 382 Posts

    Default

    Quote Originally Posted by universal4 View Post
    ...the jerks behind any of these attacks around the world should be caught and suffer severe penalties.

    Quote Originally Posted by Nenad View Post
    Totally agree, those kind of people should get a severe penalties!

    HEY! Just for that I'm not gonna cut you guys in for a share of the take!

  13. #10
    newcustomeroffer is offline Public Member
    Join Date
    January 2018
    Location
    United Kingdom
    Posts
    503
    Thanks
    70
    Thanked 231 Times in 174 Posts

    Default

    Well done. Hopefully you've got everything sorted to mitigate the chances of this happening again in the future.
    Last edited by MichaelCorfman; 27 October 2019 at 6:27 pm. Reason: Edited to removed content from the public forum that has been retained in the private forum version of this thread.

  14. #11
    ddm
    ddm is offline Former Member
    Join Date
    July 2006
    Posts
    1,126
    Thanks
    418
    Thanked 470 Times in 287 Posts

    Default

    I hope you have patched that vbulletin 0 day 1 liner hack that was running around lately.. one of the more obvious attack vectors

    https://www.theregister.co.uk/2019/0..._vbug_zeroday/

  15. #12
    Azureus's Avatar
    Azureus is offline Public Member
    Join Date
    May 2012
    Posts
    97
    Thanks
    6
    Thanked 75 Times in 44 Posts

    Default

    What about HTTPS (certificate)? The website doesn't load through https for me now, only http. I know it may seem like a detail but exactly things like this can increase security.

    Malikbhai don't judge like this... it is just retarded to put an equal sign between hacker and Russian. Could be from anywhere, China, Arab countries, Europe, even USA. There was even a theory with good evidence that biggest ransomware/Wannacry was done by North Korea. Could even be specifically targeted attack by someone from the industry, when you allow free speech about companies, you will have enemies.

    Anyways, glad to see the forum online again. What about SSL?

  16. The Following 5 Users Say Thank You to Azureus For This Useful Post:

    AmyWilson (4 November 2019), Cash Bonus (27 October 2019), drifter8 (27 October 2019), Moonlight Cat (27 October 2019), ocreditor (28 October 2019)

  17. #13
    Malikbhai is offline Public Member
    Join Date
    September 2017
    Posts
    586
    Thanks
    157
    Thanked 328 Times in 207 Posts

    Default

    Yup, missed the North Koreans.

  18. #14
    ocreditor's Avatar
    ocreditor is offline Private Member
    Join Date
    April 2009
    Location
    Israel
    Posts
    5,916
    Blog Entries
    1
    Thanks
    5,851
    Thanked 3,760 Times in 2,347 Posts

    Default

    Great news. I only now seen it. Email notifications are working as well?

  19. #15
    Gone2 is offline Private Member
    Join Date
    September 2018
    Posts
    51
    Thanks
    41
    Thanked 19 Times in 16 Posts

    Default

    Quote Originally Posted by ocreditor View Post
    Great news. I only now seen it. Email notifications are working as well?
    For me email notifications work.Good that GPWA is back.

    But I agree with Azureus. Why does GPWA still don't have a SSL? This should be a work of less than 1 hour, there are certificates for free out there. Are our mail addresses safe without SSL?

  20. The Following 3 Users Say Thank You to Gone2 For This Useful Post:

    DanHorvat (28 October 2019), drifter8 (28 October 2019), ocreditor (29 October 2019)

  21. #16
    drifter8's Avatar
    drifter8 is offline Private Member
    Join Date
    March 2017
    Location
    Bulgaria
    Posts
    1,180
    Blog Entries
    1
    Thanks
    2,411
    Thanked 588 Times in 453 Posts

    Default

    Email notifictions are working, which is awesome.

    Also have to agree with GOne2 that SSL certificate can be set-up for zero time.
    Seven times fall, eight times stand.

  22. #17
    lemerClem's Avatar
    lemerClem is offline Public Member
    Join Date
    February 2019
    Posts
    43
    Thanks
    10
    Thanked 4 Times in 4 Posts

    Default

    thanks god! it's very good to see you again, guys!

  23. #18
    Zuga's Avatar
    Zuga is offline Private Member
    Join Date
    December 2011
    Posts
    181
    Thanks
    494
    Thanked 238 Times in 91 Posts

    Default

    Glad to see you guys up and running.
    ​LCB Network

  24. #19
    LowFlyingBird's Avatar
    LowFlyingBird is offline Sponsor Affiliate Program
    Join Date
    July 2018
    Posts
    159
    Thanks
    90
    Thanked 83 Times in 58 Posts

    Default

    Equivalent to an internet car crash. Get Well Soon!

  25. #20
    AussieDave's Avatar
    AussieDave is offline Public Member
    Join Date
    November 2005
    Location
    from the land downunder
    Posts
    4,188
    Blog Entries
    1
    Thanks
    1,739
    Thanked 2,006 Times in 1,145 Posts

    Default

    Quote Originally Posted by Gone2 View Post
    Are our mail addresses safe without SSL?
    Nothing, Private Messages and your login data isn't safe without SSL. Non SSL as it is now, all logins (everything) is sent in plain-text to the server.
    ---
    Compliance: a code word for control

    ---
    Do the right thing, even when no one is looking. It's called integrity.
    ---

    It's your right to be treated honestly: fairness for all igaming affiliates - doch.news - no sponsors. Hence no conflicts of interest!

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •