Blockland Forums > General Discussion
Did some forum threads get lost?
Pecon:
--- Quote from: exit on April 03, 2020, 07:55:29 PM ---wasnt it just a short code that would be easier to guess than what we have now
--- End quote ---
That was one of the theories, but I'm pretty sure it was ruled out. That code was 10 digits long and had no rate limiting on checks iirc, which, while inadequate, could not account for how quickly the attacker was breaking into accounts.
Hawt:
he used leakedsource and put everyone's username in and only got people because they reused their password that was also on a compromised website
Pecon:
--- Quote from: Hawt on April 03, 2020, 08:51:22 PM ---he used leakedsource and put everyone's username in and only got people because they reused their password that was also on a compromised website
--- End quote ---
I believe the discrepancy on this theory is that kompressor was also hit, but was known to have not been reusing passwords. It's also far-fetched since most of the users hit were very high-profile old accounts, and it doesn't seem likely the attacker could have known enough information to ID every one of those accounts with a breached password in the timeframe the attack occurred.
National Rail:
--- Quote from: Pecon on April 03, 2020, 07:31:56 PM ---A specific time period that was actually closer to 3 months.
--- End quote ---
Right, thanks.
--- Quote from: Pecon on April 03, 2020, 08:02:43 PM ---That was one of the theories, but I'm pretty sure it was ruled out. That code was 10 digits long and had no rate limiting on checks iirc, which, while inadequate, could not account for how quickly the attacker was breaking into accounts.
--- End quote ---
Sounds like it was open to a good old brute-force attack then. You're right, the attacker couldn't possibly have known much about the users of old accounts such as Kompressor on other sites; more likely they just looked at who was considered a "high target" but also inactive, so they could have a go without anybody noticing repeated attempts to reset their password.
Never know, it could have taken a few days for the attacker to gain access; all they had to do was keep at it, and once they cracked it they could strike at will. Maybe they gathered a few accounts up to unleash in series (I was gone when this all happened so I don't know, just a guess).
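To put numbers on the brute-force theory discussed in the two posts above, here is an added example (not code from the forum or from Blockland) that models a 10-digit reset code as a uniformly random value, computes how long unthrottled guessing takes on average, and shows the per-account attempt cap and expiry that shut the guessing down. The request rates, attempt cap and TTL are assumed values for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field

CODE_DIGITS = 10
KEYSPACE = 10 ** CODE_DIGITS  # 10,000,000,000 possible codes


def expected_guesses_to_hit(keyspace: int = KEYSPACE) -> float:
    """Guessing a uniform random code without repeats hits after ~half the space."""
    return keyspace / 2


def hours_to_half_success(rate_per_second: float, keyspace: int = KEYSPACE) -> float:
    """Hours an attacker needs at a given request rate to reach a 50% chance per account."""
    return expected_guesses_to_hit(keyspace) / rate_per_second / 3600


@dataclass
class ResetCodeStore:
    """Minimal reset-code verifier with the two controls the thread says were missing."""
    max_attempts: int = 5        # assumed cap: after this many misses the code is discarded
    ttl_seconds: int = 900       # assumed lifetime: 15 minutes
    _codes: dict = field(default_factory=dict)  # account -> [code, expiry, attempts]

    def issue(self, account: str, now: float) -> str:
        # Code drawn from a CSPRNG so every one of the 10^10 values is equally likely.
        code = f"{secrets.randbelow(KEYSPACE):0{CODE_DIGITS}d}"
        self._codes[account] = [code, now + self.ttl_seconds, 0]
        return code

    def verify(self, account: str, candidate: str, now: float) -> bool:
        entry = self._codes.get(account)
        if entry is None:
            return False
        code, expiry, attempts = entry
        if now > expiry or attempts >= self.max_attempts:
            del self._codes[account]  # expired or locked out: a fresh code must be requested
            return False
        entry[2] += 1
        if hmac.compare_digest(code, candidate):  # constant-time comparison
            del self._codes[account]  # single use
            return True
        return False
```

At a sustained 1,000 guesses per second with no throttling, the model gives roughly 58 days per account on average, which is why an unthrottled 10-digit code alone does not explain a fast wave of takeovers.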
Hawt:
-