A conclusion to the hacker problem

server

#1

Hey again folks

Server: Moonlight 1.0

I just wanted to do one last report, more of a warning really. Apparently, the hackers that I’ve mentioned before on my last post really are using hacks to access the server, even though they were IP banned. They somehow gave a player (who was most likely associated with them) admin. Only two people at the time were administrators, me and a friend who I know isn’t associated with the hackers in any way. The player proceeded to ban everyone online at that moment, including me, and using the repair command to destroy the spawn area and a part of what our players built. They left a message behind on the welcome message itself too, asking that the owner sends inappropriate images of herself in exchange for the server to be left peacefully.

They raided another time, apparently using the owner’s account from what I heard in the discord channel for the server. I had my administrator access removed too when I realized I wasn’t banned anymore. As of right now, they have complete dominance over the server, somehow giving themselves admin when no one else had access to the owner portal. I’ve never seen hackers of this caliber, and personally don’t believe that hackers can be this powerful. There was most likely a severe security flaw that the hackers somehow used despite all my attempts in making sure they don’t return. I’ve resigned due to this mess and the server is most definitely lost. I don’t wish for anything to be done about this, rather, this is a warning to other servers about this whole mess I’ve experienced. As an assumption from a short experience, it appears there are always ways past the system

I wish to you all that this doesn’t happen to your servers, I’d state the names of the members associated with the hacker group, but unfortunately, it most likely wouldn’t be what they logged onto the server with. If anything was unclear about this post, I’ll try to answer as many questions as I can about the situation to clarify. Apparently, my greatest weakness is precision.


#2

report it all to Milla. PM her with names and such. are you the owner? if not, then the owner has access and could have also given access to the OP without you knowing it.

It is unfortunate, but rollback is always an easy fix. The owner should just go on to the OP and change the password to something secure and NOT give it to anyone.

Bottom line: contact Milla.


#3

Did they use a VPN?


#4

That would be naming and shaming so its best to just do what Thuthu said and contact milla.


#5

I have contacted milla for you. Please do not allow the owner to send inappropriate images of herself. Owner needs to change pass to the op, and not tell anyone. Ban their ips instead of their names.