View RSS Feed


Basenotes Hacked last night

Rate this Entry
At around midnight (GMT) last night, Basenotes was hacked. If you visited the site early enough before we took the site offline would have seen a black page with the following message, and video:

Hacked by Team Animus

- video -

From Sweden with <3

As soon as we heard about the hack, we (in laymans terms) switched the site off and displayed a message saying that the site was down and we would post further updates on our Twitter page. I fell asleep at 2:30 while waiting for someone from vBulletin (who make our forum software) to get back to me.

It turns out that the site was hacked via a vunerebility in one of the ‘plug-ins’ we use on the site ‘CYB Advanced Forum Rules’. The hackers exploited this script to add a new admin into the forum, and change all other admins to normal users.

The Hackers also:
  • Changed everyones user titles to ‘Hacked by Team Animus’ (I’ve deleted all of these, so if you are a Basenotes Plus member, you will need to re-add your custom user title if you had one)
  • Added an extra file in one of the folders (possibly to allow them to gain further access)
  • Added the index page with the saxophone video to the main site, and the Moderator and Admin index

This appears to be all that was done. Apart from reseting the usertitles, no damage was done -- in the comments of the file with the saxophone they note:
All files should still be untouched. The purpose of this was not to f*** anything up.
We did it for the lulz.
This attack wasn’t about Basenotes, hundreds (if not more) of other vBulletin sites, which were running that plug-in, have also been affected. We have now removed all of the plug-ins we use (including iTrader), just in case they can also be exploited. - We will add them again shortly

An unfortunate side-effect of the hack is that when I switched the site off, it seemed to have affected the email, which seemed to have forgotten that it had already sent out lots of email, which meant some people ended up getting a barrage of old emails from us. We’re really sorry about that. If it’s any consolation, I’ve got an additional 2,109 emails in my inbox to deal with now too, due to that same issue.

I’m pretty sure everything is back as usual now (apart from some of the styles on the directory pages, the disabled plug-ins, and user titles) but if you see anything odd, please let me know using the Contact Us link at the bottom right of the page.

I'm going to have a break now, and take another look at getting things back to normal at the weekend.

Added. All the attachments seem to be gone, so no images in albums or articles. This wasn't directly as a result of the hack, this is probably me trying to do things at 3am. Will try and sort out over weekednd

Apologies for all the inconveniences this has caused

8th May 2011, 11am GMT : Sotd / today's scent back working again.

Updated 8th May 2011 at 10:03 AM by Grant

Behind the Scenes , Tech


Page 1 of 4 1 2 3 ... LastLast
  1. mr. reasonable's Avatar
    Thanks, Grant. I really don't know what to say . . . just glad you can get some rest now
  2. teardrop's Avatar
    Phew, thanks Grant, so good to have you back! l'm quite concerned at the level of anxiety that basenotes withdrawal induces in me, l think l need help! Anyway thanks again for all that you do, you da man!
  3. CoL's Avatar
    Glad things are back up and running. What f**ckers to do that! Let me know if I can help! ><
  4. FrouFrou's Avatar
    I followed on Twitter, but I don't have an account. Well done Grant. This must have been so very stressful for you. I think you did a brilliant job cleaning the site up and getting it back on line so fast.
    Get some well deserved rest now!
    Updated 6th May 2011 at 02:28 PM by FrouFrou
  5. Dr_Rudi's Avatar
    "Apologies for all the inconveniences this has caused"

    Grant - I think an apology is the last thing you need to offer. Spend the weekend sleeping - or at least as much as the children will allow.
  6. Persolaise's Avatar
    Goodness me!!

    Thanks very much indeed for all the hard work, Grant.

    Now get some rest.
  7. Dr_Rudi's Avatar
    "Apologies for all the inconveniences this has caused"

    Grant - I think an apology is the last thing you need to offer. Spend the weekend sleeping - or at least as much as the children will allow.
  8. Persolaise's Avatar
    Goodness me!!

    Thanks very much indeed for all the hard work, Grant.

    Now get some rest.
  9. Descartes's Avatar
    Shocking! when I saw the Eurovision song Festival clip, I freaked out!!,don't get demoralize and thank you for all the time dedicated to BN.
  10. serafina's Avatar
    so sorry for your trouble. I really love basenotes - don't be disheartened
  11. honestflora's Avatar
    Ugh, what a total pain in the arse! Well done for getting things back on's appreciated!!
  12. Scentdawg's Avatar
    Thanks for having the sure back up. I don't know why people do such things. I guess they don't have beret things to do. Thanks for all the hard work.
  13. Sorcery of Scent's Avatar
    Sorry to hear you've been working around the clock Grant. Thanks for all that you do!
  14. Nasenmann's Avatar
    Thank you very much for all the hard work and also for posting this explaination!
  15. WillC's Avatar
    Great to have the site back! Thanks very much for all your hard work, Grant.
  16. Emlynevermore's Avatar
    Grant, you are a prince.
  17. IngaMi's Avatar
    An amazing job you did - rest yourself! thank you so much for all the work you did...
  18. bogsc's Avatar
    Grant, this sounds like a nightmare. Thank you so much for all your hard work on restoring Basenotes!

    Anyone else having difficulty getting into settings? I can get into profile but every time I try to go into settings I get an error message this am so can't seem to access my mailbox/subscriptions, etc. Also, can't seem to post scent of the data. Getting error message about not being able to access database. Wondered if anyone else is experiencing that as well?
  19. hedonist222's Avatar

    Selecting perfume of the day doesn't seem to be working. I get this error:

    Warning: unlink(/home/basenot2/public_html/ca/sotdside.php) [function.unlink]: No such file or directory in /home/basenot2/public_html/bn-inc/functions.php on line 58

    Warning: unlink(/home/basenot2/public_html/ca/sotdsidecms.php) [function.unlink]: No such file or directory in /home/basenot2/public_html/bn-inc/functions.php on line 58
    Unable to connect to the database server at this time.
  20. Guest 3's Avatar
    I don't even know what a plug-in is, but I'm sorry this happened, Grant. :(
Page 1 of 4 1 2 3 ... LastLast


Total Trackbacks 0
Trackback URL:

Loving perfume on the Internet since 2000