Wed, 30 Mar 2005: Cracker attack on spurious.biz network
spurious.biz was subject to a major cracker attack. A malicious intruder exploited a system weakness to gain access to the system. Several parts of the system were damaged. The intruder installed several programs which made the system unstable and caused a system failure on late tuesday night.
System recovery took longer than expected as it involved a complete reinstallation of the whole system and data recovery from the backup system. However, no data should be lost and the system should be fully functional soon again. Also, one harddisk crashed during the recovery and the backup system got compromised too...
As the intruder had full access to the system, he might have gathered delicate information as passwords. We therefore urge you to change any password you used with your account on spurious.biz. As a precautionary measure some accounts/logins will be disabled during the next few days. We strongly recommend you to change also email passwords and database passwords.
In order to ensure that a similar event will not happen again, we decided to make security requirements more stringent. In particular, this will affect cgi scripts and to some extent php applications. Most customers will not be affected by these changes. To those who will be affected, we would like to express that we are sorry about any inconvenience this will cause, but we think it is in everybodys if we rate securty a higher priority than convenience. If you encounter problems please do not hesitate to ask us for support.
Please be patient while we recover the system...