9front - general discussion about 9front
 help / color / mirror / Atom feed
From: Stanley Lieber <sl@stanleylieber.com>
To: 9front@9front.org
Subject: Re: [9front] werc got "hacked"
Date: Sat, 2 Apr 2022 16:42:38 -0400	[thread overview]
Message-ID: <9125915D-A156-4DE0-8192-5217D5533299@stanleylieber.com> (raw)
In-Reply-To: <YRt2ScWVD1D1_G3E79KntM05_XSzRx_PCtokeijG4dOParcdp9yUvVopwqt2i-Kb5ZzlUB8mKyD47kdLzk70TZkGRlNxx5ZUzMtIx5-377I=@protonmail.com>

we turned off the entire vm until we had a fix. 4chan was able to read files outside the website root, but nothing private was stored on the server. very old werc passwords for defunct websites were leaked, as well as all of our mailing list subscriber lists that any of them thought to look for. no other form of attack was reported by 4chan, or detected by us.

sl


> On Apr 2, 2022, at 4:32 PM, Hensley <hens25252@protonmail.com> wrote:
> 
> did we take down the 9front.org pages or was that 4chan?
> 
> ------- Original Message -------
> 
>> On Thursday, March 31st, 2022 at 2:38 AM, hiro <23hiro@gmail.com> wrote:
>> 
>> some 4chan has looked into the werc and found some files, some of
>> 
>> which seem to be the werc passwords.
>> 
>> posting here in case somebody has a werc password that is also used in
>> 
>> other places.
> 


      reply	other threads:[~2022-04-02 20:52 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-31  9:38 hiro
2022-03-31 22:46 ` Stanley Lieber
2022-04-02 19:43 ` Hensley
2022-04-02 20:42   ` Stanley Lieber [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9125915D-A156-4DE0-8192-5217D5533299@stanleylieber.com \
    --to=sl@stanleylieber.com \
    --cc=9front@9front.org \
    --subject='Re: [9front] werc got "hacked"' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).