Help support TMP


"PSC Hacked Again..." Topic


26 Posts

All members in good standing are free to post here. Opinions expressed here are solely those of the posters, and have not been cleared with nor are they endorsed by The Miniatures Page.

For more information, see the TMP FAQ.


Back to The Industry Message Board

Back to the Websites for Wargaming Message Board

Back to the WWII Discussion Message Board


Action Log

29 Nov 2012 12:28 p.m. PST
by The Editor

  • Removed from Consumer Affairs board
  • Crossposted to Websites for Wargaming board
  • Crossposted to The Industry board

1,695 hits since 29 Nov 2012
©1994-2014 Bill Armintrout
Comments or corrections?

Mick A Supporting Member of TMP29 Nov 2012 11:35 a.m. PST

Got onto the site without a problem earlier but now its hacked by the same ones as before…

Mick

Garand29 Nov 2012 11:37 a.m. PST

So does this mean Iraq will be the next hotbed of hacking culture???

Damon.

(I make fun of others) Inactive Member29 Nov 2012 11:40 a.m. PST

I wonder if the tracing of the hack will lead back to New Zealand …. grin

Garand29 Nov 2012 11:43 a.m. PST

I can see it now: money exchanges hands, proxy group set up in a plausably deniable place (like Iraq). Next thing you know is containerloads of PSC kits are hijacked by Somali pirates…

porfirio rubirosa may be on to something…

Damon. :)

Personal logo richarDISNEY of the RDGC Supporting Member of TMP29 Nov 2012 11:44 a.m. PST

PSC?
beer

Mick A Supporting Member of TMP29 Nov 2012 11:44 a.m. PST

It's a pain in the backside as I was trying to show the mehmsahib what I wanted for Xmas…

Mick

Mick A Supporting Member of TMP29 Nov 2012 11:47 a.m. PST

PSC- Plastic Soldier Company.

Mick

Personal logo ColCampbell Supporting Member of TMP29 Nov 2012 11:47 a.m. PST

PSC = Plastic Soldier Company

Personal logo taskforce58 Supporting Member of TMP29 Nov 2012 11:52 a.m. PST

May be Iraqi wargamers REALLY want some 15mm plastic T-55.

Personal logo Who asked this joker Supporting Member of TMP29 Nov 2012 11:56 a.m. PST

Common problem. The site gets restored from a backup. The backup contained the code that was hacked from the previous site.

6sided Inactive Member29 Nov 2012 12:35 p.m. PST

Could be a backdoor left from the last hack, or the PSC guy has not learned from his mistakes, or it's an unpatched weakness in the CMS he is using.

Whatever it is, it's costing him business.

Jaz
6sided.net

Personal logo Ditto TwoThree Supporting Member of TMP29 Nov 2012 12:38 p.m. PST

bleep me, I just ordered from them last night. Should I should worry do you think?
--
Tim

Personal logo vojvoda Supporting Member of TMP29 Nov 2012 1:40 p.m. PST

I bet a dollar it is a metal miniatures gamer.

VR
James Mattes

Garand29 Nov 2012 1:43 p.m. PST

May be Iraqi wargamers REALLY want some 15mm plastic T-55.

This would make me IMMENSELY happy!

Damon.

AONeill29 Nov 2012 1:46 p.m. PST

Payments are handled by RBS and therefore a separate server.
So your credit card details will be safe Tim.

Ken Portner Inactive Member29 Nov 2012 2:21 p.m. PST

What did PSC do to excite the hackers' ire? Or is it just a random thing?

Personal logo Ditto TwoThree Supporting Member of TMP29 Nov 2012 2:39 p.m. PST

Thanks for the reassurance, Andy. Yes, I do remember going to a different site to process the payment.

[EDIT] OH NO, my PSC account appears to be wiped out. frown But 184.84 Canadian went through my Visa and was charged to PSC. Grumble, grumble. Where are those Iraqi ding bats! laugh
--
Tim

Personal logo Who asked this joker Supporting Member of TMP29 Nov 2012 3:10 p.m. PST

What did PSC do to excite the hackers' ire? Or is it just a random thing?

Just random probably. Someone or some"bot" found some low hanging fruit.

PiersBrand29 Nov 2012 3:34 p.m. PST

Tim,

If you let me know what you ordered, I can drop Will a text to check it out.

Personal logo Ditto TwoThree Supporting Member of TMP29 Nov 2012 7:09 p.m. PST

Piers, thank you so much, but in fact I've just got back on and was able to see my account. All is well, hurray!
--
Tim

GReg BRad30 Nov 2012 3:53 a.m. PST

My personal opinion is that someone was unhappy about their BGK order and started hacking PSC. Someone has a grudge against Will!

Personal logo Black Hat Miniatures Sponsoring Member of TMP30 Nov 2012 6:12 a.m. PST

It will simply be a kid running some script he found on the web that hacks a known loophole. I had a similar thing happen to my site before I tightened up security.

I still get a number of attempted hacks against Oscommerce everyday.

Mike

Personal logo Who asked this joker Supporting Member of TMP30 Nov 2012 2:53 p.m. PST

It will simply be a kid running some script he found on the web that hacks a known loophole. I had a similar thing happen to my site before I tightened up security.

I still get a number of attempted hacks against Oscommerce everyday.

That's one possibility. Here's another. Hackers often employ bots to search out other vulnerable machines. They scan and scan trying various hacks to get in. When they find one machine (PSC), they report back to their boss that they've just hacked a machine. The boss then either uses it as another bot, defaces it for "street cred", or goes for something more concrete. Now, there is often a delay because the boss probably has a real life and maybe does not have time to get to every machine hacked. So there maybe a delay.

Lets say he is going for money. He will make PCS look like it normally does. He will have the shopping cart and a way to let you pay. That portion can be replaced with a link of his choice. This can fool you into giving such things as credit card info, paypal account information and so forth.

I have not been to PSC since they got hacked but if Mick A detected it because everything was all jacked up, then it probably was either a hacker group or a kiddie. The fact that it happened again tells me that the system was compromised sometime before a system backup or there is a security flaw in the shopping cart system.

In any case, If I were you (I mean the collective you) I would contact PSC and ask the hard questions. What was the extent of the damage? What if anything was stolen? Is my account information at risk? What are you going to do to make sure this won't happen again? It sounds dramatic, right up to the point where someone empties out your bank account.

John

Augustus30 Nov 2012 7:29 p.m. PST

Time to get an entirely new shopping cart set-up. This should have been done first time around.

Marcus Maximus Supporting Member of TMP01 Dec 2012 1:00 a.m. PST

The Joker (Hello John!) is spot on – and usually the shopping cart is COTS app so it's more than likely the latest patch relase was not rolled out. Another thing is virii and trojans – these are usually the first step in the hack attack in parallel with teh scan bot attacks.

Personal logo Chortle Sponsoring Member of TMP Fezian01 Dec 2012 3:03 a.m. PST

I think you have all missed the point. Saddam isn't dead. The execution video was a hoax. He has actually been miniaturised and is coming back in 15mm and 20mm (with a range of accessories).

All your base are now under control of the Army Iraq Sunni Alalktrwny. Allah Akbar!

Sorry - only trusted members can post on the forums.