A hacking group invaded a server


#1

A group of hackers recently just invaded a server I play on called Moonlight 1.0, does anyone have an idea how they blocked the server with some sort of coding or how they were able to admin themselves? They called it a server invasion, it may also be possible that one of the admins with access to the server portal let them in.

Forgive me if this seems a bit unclear, but they were somehow able to unban themselves too


#3

Who is the owner of the server?


#4

No one except the owner should ever have access to the owner’s portal. I suggest that the owner change the password immediately and never give it out again. Admin should not have access to the owner’s portal. This is a prime example of why it isn’t recommended. I would first change the owner’s portal password, then password the server until the admin list is cleaned up. Consult the logs to see who gave out what.


#5

Possibly they’re not even hackers then…


#6

This happens to me a long time ago, the only server I played on was invaded, everyone was blocked and the server was eventually taken down…
Milla didn’t do anything about it so I can’t really help. This is a somewhat common thing to happen but nothing is being down about it.
The only reason I have this account is if old members of the server reach out to me :confused:
Good luck with getting the server fixed


#7

If hackers griefed your world, you can also contact milla here and ask for a rollback, to before it was ruined (if so)


#8

If the owner mismanages their own server to the point where they let untrusted people have their Owner portal password, that’s really not the responsibility of Milla to fix. It’s like if you are renting an apartment and then you give the keys to 10 different people who trash the place. Your landlord won’t help you.

Sorry to hear this @Exotic, but hopefully you can contact the owner who really needs to step in here.


#9

He didn’t give the key out, it was a public server. They came on, banned everyone and left


#11

Indeed, recently, we found out that it wasn’t a problem about the owner portal, rather a problem about the hackers having the power to do such a daring feat and almost get away with it. I may be wrong but I believe they targeted another server according to one of our frequent players. I just want to share this heads up in case a group of hackers like these also visit your servers if any of you own one.

Thank you for your concerns though, I wasn’t well informed of the situation so I resulted in a vague post like this. The server is Moonlight 1.0 owned by SilverJay if any of you were wondering.


#12

I’m not aware that hackers have control to do this without being given admin. And I’ve seen a LOT of hackers.


#13

An admin on a server i play on got hacked as well, a hacker was using the admin’s account


#14

The person concerned was an admin. I’ve cleared the admin list and Bibliophile sorted out some stuff. The owner will need to get in touch for a rollback.


#15

If you’ve never seen them become admins then you haven’t seen that many, it’s also really easy to get ahold of these hacks. I was curious on what they could do and ACCIDENTALLY came across a torrent to download these hacks. Hacking is a real big issue that even big companies like steam and EA can’t stop. All I’ve learned is not to get to attached to a server cause all the servers I’ve played on eventually get raided :neutral_face:


#16

Jemni has been dealing with hackers since they could abuse a glitch to log in as you… I’m pretty sure he’s seen just about everything.

I’ve yet to see a hacker actually become admin through hacks. However I have seen an admin become admin by:

  • being admined by another admin / their other account and then say they hacked it
  • asking the owner for their owner portal details and then logging in to admin themselves through the portal
  • tricking existing admins that they are the owner/some admin and lost their other account

I find these FAR more likely than the “hacked admin” story.

For the record, hackers can perform some admin like actions, but they can’t do everything. I’ve never seen a hacker successfully use /admin without being granted admin.


#17

I don’t think a day passes without someone trying that “I lost my admin account because I got a new device.” The new device claim can be debunked with a few questions. And if they are really your buddies they don’t mind waiting for identification confirmation from the owner’s portal. Other familiar phrases are: “The owner said they would give me admin.” “I am the owner’s family member.” Usually followed by some kind of threat if you don’t admin them. Frankly I don’t know why anyone would fall for these obvious lies. If anyone acts like this I usually just ban them because they are up to no good.


#18

You may be right, I’ve only had about 3 years of experience on this game, but can’t say I’ve seen everything.

Although the hackers couldn’t re-admin themselves once the owner portal access to other people was removed, I suspect that should’ve been the problem.

Anyways, I’ll make sure that the server avoids this kind of mistake again, I’m not as experienced in running servers, but I’m giving it a good go.


#19

Everybody knows to backup their old devices data and put the old devices data on the new device.