DEVLOG#03 – Hackers Gonna Hack Hack Hack

Ascenderians!

I’m Garnet who take charge in story and web development. The most annoying thing for me just happened this week. Our website http://www.ascenderthegame.com has been hacked twice in two days by some irresponsible hacker groups.

Original Web Screen Shot
How the web supposed to show

First attack was identified by Citrine, Lead Sound Design and Marketing, after he got a report from Australian named Zack in Indie Game Marketing Facebook Group on Tuesday, 1 September 2015, at 6.15 in the morning. I already woke up in that time, read LINE message from Citrine and he sent me the hacked web screenshot. The first hackers launched a Defacing Attack!

1st time hacked site
The First Defacing Attack on Ascender The Game Home Site

In a second, I checked our administrator area in the site, I try to make things right and make the home page right but I didn’t notice that our first devlog already defaced too. I analyzed this attack, it’s not really a harmful attack because its only change the look in our website, anything else (files,codes,images) was completely safe, so I replace the index file and modify .htaccess back to normal. But, I suspected they already put a backdoor (that are related to the next attack).  I tried to track down the hackers and in a short time with our networking (friends of friends of friends) + IP tracker tools, we found out the suspect who responsible for defacing our website.

first hacker social media account
Suspect of first attack on Ascender The Game website in social media

Then, 2nd attack happened in Tuesday evening! This attack is stronger than before. They not only took the page of our web, but also delete all the files in our server! Mother Father! Holy Ship! Football Club of United Kingdom!

The 2nd Attack Screenshot on Ascender The Game Website
The 2nd Attack Screenshot on Ascender The Game Website

After took off from my prime job and got home, I worked on this attack long enough. I’ve been able to track 4 IPs that are inject some scripts in our web, 2 from Jakarta, 1 from Palembang, and another 1 from East Java. When I was in the administrative mode, they were active also, so I can easily track down the activities and put a bait to know where the hole of our system. I made some backups, took off their shell (hacker) script, and made up some script as a bait.

Guess what??? The hole has been found, they were using our less secure devlog (original devlog) that has been using hosted WordPress. We decided to move the devlog to http://www.wordpress.com that a way more secure and reliable than hosted WordPress (in fact, it is because that we only know less about hosted WordPress security, but no doubt with its engine). And, here we are at the new devlog of Ascender The Game! The main website http://www.ascenderthegame.com is secured and safe at least for now! Cheerio 🙂

Signing out from Game Changer Team Headquarters! See you in the next story!

Garnet

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s