1
Hackers attacking community servers.
CascadianX
raidarr
Greetings,
I am a server host and plugin developer for Celestial Gaming, a community server (semi-vanilla) that has been under attack since 2am on April 03rd, 2017.
This attack isn't one of your average abusing the command lines in games and etc. These hackers are using old data-base leaks of old passwords. Typically leaked from vulnerable minecraft websites and other addresses. These hackers attacked the servers paypal address, which as nearly $1,000+ dollars in donations and also attacked the Buycraft network hooked up into our system.
The attack was executed by login into the head-admins minecraft account and then granting themselves '*' permission. These hackers then recruit players on the server. Luckily our community loves our server and our staff and fought back by creating large world edits (since they were granted worldedit.* permissions by the hacker), to bring down the server. Which is a task in its self because we have a server of a beast.
My goal here is to let the community be aware of the recent attacks and to take safety precautions against this happening again. We've come up with the idea to link our server logs and release the vpn-ip's and accounts the hackers have been using the last 48 hours.
Our fix to this situation was requiring all staff members to reset their passwords and send a screenshot of the email or take a picture of the Mojang screen that says "Password reset # seconds ago". We're digusted by these actions but luckily we had backups and the skill the address this easily and professionally.
Edit: We've noticed that these minecraft accounts are either fresh or fooling minecraft's authentications and practically are fake or do no exist. We are in online mode.
-snip-
I am a server host and plugin developer for Celestial Gaming, a community server (semi-vanilla) that has been under attack since 2am on April 03rd, 2017.
This attack isn't one of your average abusing the command lines in games and etc. These hackers are using old data-base leaks of old passwords. Typically leaked from vulnerable minecraft websites and other addresses. These hackers attacked the servers paypal address, which as nearly $1,000+ dollars in donations and also attacked the Buycraft network hooked up into our system.
The attack was executed by login into the head-admins minecraft account and then granting themselves '*' permission. These hackers then recruit players on the server. Luckily our community loves our server and our staff and fought back by creating large world edits (since they were granted worldedit.* permissions by the hacker), to bring down the server. Which is a task in its self because we have a server of a beast.
My goal here is to let the community be aware of the recent attacks and to take safety precautions against this happening again. We've come up with the idea to link our server logs and release the vpn-ip's and accounts the hackers have been using the last 48 hours.
Our fix to this situation was requiring all staff members to reset their passwords and send a screenshot of the email or take a picture of the Mojang screen that says "Password reset # seconds ago". We're digusted by these actions but luckily we had backups and the skill the address this easily and professionally.
Edit: We've noticed that these minecraft accounts are either fresh or fooling minecraft's authentications and practically are fake or do no exist. We are in online mode.
-snip-
Create an account or sign in to comment.
8
info Note: You're viewing a single reply. View all replies
1
Thatsmusic99Recently I got news from a friend of mine that Mojang have prevented VPNs from being used. If a player does use it and they log in with a too-frequently-changing IP, their password gets reset and they have to use their email to get their account back as well as log back in. I don't know what side effects it may have, but at least it's something good for a change. (Or even correct me if I'm wrong).
If it exists, it's a largely inefficient system. And then there's the fact that the right provider or VPN will simply let you refresh your IP whenever you want to, not arbitrarily. (You don't even need a VPN to bounce your IP around a bit...)
