GPWA Website Now Operational

[MichaelCorfman]

I am very pleased to announce that the GPWA website is operational once again.

We were hit by a very severe ransomware attack about 3am EST Monday, 21 October 2019.

We reported the attack to the FBI and are providing information about the attack to the division of the FBI responsible for investigating and responding to this type of criminal activity.

We do not believe the attack targeted the GPWA, or that any potential vulnerabilities in the GPWA website were exploited in the attack. Rather, we believe the impact on the GPWA website was collateral damage.

We implemented many security measures within the GPWA website years ago. For example, access to the the forum administrative interface is restricted to those connected to our internal network, either physically or through VPN. And we have active monitors that look for any instances of elevated forum privileges on a continuous basis and report them for action immediately. There are also many other security measures in place, although, for obvious reasons, I don't want to provide extensive documentation regarding our security measures in a publicly available post.

Michael

Please note: the original version of this thread with more details has been moved to the private forums in the following thread:


GPWA Website Now Operational - Private Discussion

We decided that some details of the ransomware attack and our response are better kept within the private forums.

[Malikbhai]

If it impacted desktops, then my hunch is the attackers got in through email attachments. This is very typical of a ransomware attack.

Because, the web servers are pretty secure if they're based on linux, with strong passwords.

By the way; could this be related to the vbulletin exploit recently released to the public in September?

Comodo SSL was attacked https://www.theregister.co.uk/2019/1...lure_to_patch/

[Cash Bonus]

Congratulations and it’s good to see GPWA back up and running again.

[sweetbet]

Congratulations for getting the site and network back up and running again.

[universal4]

Servers set up properly are secure whether linux or Windows, but this is certainly not the place to debate that, but I agree most attacks of this nature are predominantly done through emails etc and have a source on the lan from desktops.

Glad to see things are back up and running, the jerks behind any of these attacks around the world should be caught and suffer severe penalties.

Rick
Universal4

[Nenad]

Servers set up properly are secure whether linux or Windows, but this is certainly not the place to debate that, but I agree most attacks of this nature are predominantly done through emails etc and have a source on the lan from desktops.

Glad to see things are back up and running, the jerks behind any of these attacks around the world should be caught and suffer severe penalties.


Universal4

Totally agree, those kind of people should get a severe penalties! Good to see the GPWA back again!

[Malikbhai]

Yea, but not much can happen in places like Russia, Ukraine and China; the hubs of cybercrime. I am willing to bet the attack must have come from one of these three.

[universal4]

I personally feel that eventually if there is not more done in the countries that have the reputations of no action or strategy to limit it more, then the cooperation between those countries and others may suffer in economics, trade etc.

Rick
Universal4

[Integrity]

...the jerks behind any of these attacks around the world should be caught and suffer severe penalties.

Totally agree, those kind of people should get a severe penalties!

HEY! Just for that I'm not gonna cut you guys in for a share of the take!

[newcustomeroffer]

Well done. Hopefully you've got everything sorted to mitigate the chances of this happening again in the future.

[ddm]

I hope you have patched that vbulletin 0 day 1 liner hack that was running around lately.. one of the more obvious attack vectors

https://www.theregister.co.uk/2019/0..._vbug_zeroday/

[Azureus]

What about HTTPS (certificate)? The website doesn't load through https for me now, only http. I know it may seem like a detail but exactly things like this can increase security.

Malikbhai don't judge like this... it is just retarded to put an equal sign between hacker and Russian. Could be from anywhere, China, Arab countries, Europe, even USA. There was even a theory with good evidence that biggest ransomware/Wannacry was done by North Korea. Could even be specifically targeted attack by someone from the industry, when you allow free speech about companies, you will have enemies.

Anyways, glad to see the forum online again. What about SSL?

[Malikbhai]

Yup, missed the North Koreans.

[ocreditor]

Great news. I only now seen it. Email notifications are working as well?

[Gone2]

Great news. I only now seen it. Email notifications are working as well?

For me email notifications work.Good that GPWA is back.

But I agree with Azureus. Why does GPWA still don't have a SSL? This should be a work of less than 1 hour, there are certificates for free out there. Are our mail addresses safe without SSL?

[drifter8]

Email notifictions are working, which is awesome.

Also have to agree with GOne2 that SSL certificate can be set-up for zero time.

[lemerClem]

thanks god! it's very good to see you again, guys!

[Zuga]

Glad to see you guys up and running.

[LowFlyingBird]

Equivalent to an internet car crash. Get Well Soon!

[Former Member 14]

Are our mail addresses safe without SSL?

Nothing, Private Messages and your login data isn't safe without SSL. Non SSL as it is now, all logins (everything) is sent in plain-text to the server.