Saturday, June 24, 2006

Burleson's DBA Forum Hacked

Surprise, surprise. I received an email claiming to be from Janet Burleson with regard to my account on their DBA Forums (http://dba.ipbhost.com/index.php). The title of the email was "HACKED (Oracle DBA Forums)" and here's the text of the email.

Received: from server19.systemips.com ([207.44.232.13]) by ;
Sat, 24 Jun 2006 10:44:12 -0700
Received: from nobody by server19.systemips.com with local (Exim 4.52)
id 1FuCAt-0007Iq-1r
for ; Sat, 24 Jun 2006 12:44:03 -0500
To:
Subject: HACKED ( Oracle DBA Forums )
MIME-Version: 1.0
Content-type: text/plain; charset="iso-8859-1"
From: "Oracle DBA Forums"
X-Priority: 3
X-Mailer: IPB PHP Mailer
Message-Id:
Date: Sat, 24 Jun 2006 12:44:03 -0500
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server19.systemips.com
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]
X-AntiAbuse: Sender Address Domain - server19.systemips.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-Rcpt-To:
X-Country: US
Return-Path:
X-UIDL: 449E1620.A.583


PeterK,

HACKED
Better luck next time

-------------------------------------
Oracle DBA Forums Statistics:
-------------------------------------
Registered Users: 4410
Total Posts: 1
Busiest Time: 121 users were online on 2nd May 2006 - 06:43 AM

-------------------------------------
Handy Links
-------------------------------------
Board Address: http://dba.ipbhost.com/index.php
Log In: http://dba.ipbhost.com/index.php?act=Login&CODE=00
Lost Password Recovery: http://dba.ipbhost.com/index.php?act=Reg&CODE=10


So, is it true that the DBA Forums got hacked or was it a phishing attempt? I went to the site by typing in the URL (not clicking on the link specified in the email) and everything seems okay. I don't think it's a phishing attempt as there is no value in stealing a forum account unlike PayPal where there is money involved.
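One way to triage the headers quoted above, as an added example that is not part of the original post: it extracts the earliest Received hop, the relay the receiving server recorded, and the X-Mailer and X-AntiAbuse hints, then checks that the claimed submission host is the one that relayed the message. The recipient host and the addresses are placeholders, since the post strips them.

```python
import re
from email import message_from_string

# Constructed sample: the headers quoted in the post. The recipient host and
# the addresses were stripped from the post, so placeholders stand in for them.
SAMPLE = """\
Received: from server19.systemips.com ([207.44.232.13]) by mx.recipient.example;
 Sat, 24 Jun 2006 10:44:12 -0700
Received: from nobody by server19.systemips.com with local (Exim 4.52)
 id 1FuCAt-0007Iq-1r
 for <user@recipient.example>; Sat, 24 Jun 2006 12:44:03 -0500
Subject: HACKED ( Oracle DBA Forums )
From: "Oracle DBA Forums" <board@forum.example>
X-Mailer: IPB PHP Mailer
X-AntiAbuse: Primary Hostname - server19.systemips.com
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [47 12]

HACKED
"""

LOCAL_HOP = re.compile(r"from\s+(\S+)\s+by\s+(\S+)\s+with\s+local\b", re.I)
RELAY_HOP = re.compile(r"from\s+(\S+)\s+\(\[([0-9a-fA-F.:]+)\]\)")

def triage(raw):
    """Summarise where a message says it was submitted and who relayed it."""
    msg = message_from_string(raw)
    # Unfold continuation lines so each hop is one string.
    hops = [" ".join(h.split()) for h in msg.get_all("Received", [])]
    out = {"hops": len(hops), "mailer": msg.get("X-Mailer"),
           "local_user": None, "origin_host": None,
           "relay_host": None, "relay_ip": None, "antiabuse": {}}
    if hops:
        # Each MTA prepends its header: hops[0] was written by the receiving
        # server, hops[-1] is the earliest hop and is sender-controlled.
        first = LOCAL_HOP.search(hops[-1])
        if first:
            out["local_user"], out["origin_host"] = first.groups()
        last = RELAY_HOP.search(hops[0])
        if last:
            out["relay_host"], out["relay_ip"] = last.groups()
    for value in msg.get_all("X-AntiAbuse", []):
        key, sep, val = " ".join(value.split()).partition(" - ")
        if sep:
            out["antiabuse"][key] = val
    # The claimed submission host should equal the name the relay gave the receiver.
    out["hosts_match"] = (out["origin_host"] is not None and
        out["origin_host"].lower() == (out["relay_host"] or "").lower())
    return out

if __name__ == "__main__":
    for k, v in triage(SAMPLE).items():
        print(f"{k}: {v}")
```

Only the bracketed IP in the top hop is observed by the receiving server; the host names and every header below that hop are supplied by the sender, so a match is a consistency check and not proof of origin.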

3 comments:

Don Burleson said...

Hi Peter,

>> So, is it true that the DBA Forums got hacked or was it a phishing attempt?

Arrgh, those stinkin hackers. . . .

Evidently, this forum has high enough traffic to entice those who want to use it as a platform for spam and linking, and this is the second time in ten days that it’s happened.

The software is Invision Powerboard, and hosted directly by Invision Corporation, so we thought that they could ensure a hack-proof forum by working directly with the vendor . . .

I called the FBI internet field office in Charlotte NC and the agent says that the FBI does not investigate unless over $100k is stolen, and the hackers know this, and work with total impunity.

I’m told that the Invision hack scripts are widely publicized and traded online.

Peter K said...

Thanks Don.
Yeah, the FBI wouldn't bother if the value of the damage is too low. In this case, I see it more of a bragging thing (and most likely to be done via kiddie scripts).

I wasn't sure whether the email address was spoofed (as can be easily done). You might want to contact a few of the forum users (or better yet, post up a sticky on the forum).

Anonymous said...

I think you referred to this site before in one of your posts. The johnny.ihackstuff.com site. They posted various Oracle hacks and probably posted hacks on the forum software that got you.
arg.