Since this time yesterday when zFire was hacked in response to his foolish challenge to test his (pathetic) security, it seems he has been hacked again – at least once. a whole bunch of SQL tables or maybe even the entire database was dropped in what looks like yet another SQL insertion attack. It is clear that zFire has been gemming up on avoiding SQL injection attacks. Keep reading zFire … you will get there eventually.
But not before it is all too late. Password outing functionality, and indeed the veracity of the video we carried this week has been confirmed by the hackers from last night who released their findings to the Alphaville Herald. It may be they attempted to contact us with the information first, for which I thank them but I think the Alphaville Herald is a good place for that report.
Yesterday’s hack was still annoyingly obvious – and today’s moreso. I can allay some fears however in that I understand that significant quantities of false data have been injected into that database by yet another person or persons who have demonstrated they understood the security vulnerability well enough to do this. This same source suggests that zFire was about to manually add the names of all members of the inworld GreenZone users group to the list of “known copybotters”[sic]. Attached is the evidence provided – snipped away are well over 1000 names take from the group membership.
Since today’s hack the forums appear to have had it although it looks like there was a recent database backup. If anyone else is thinking of cracking this database I should point out that its no great challenge but at this time the working database is zFire’s biggest albatross It shows he has been a very very bad boy so please do not be tempted to take it offline. False IP address reports will do no harm though.
To end on a lighter note, Theia was confused by this remark from new RedZone poster arooga:
by arooga » Fri Mar 11, 2011 1:48 am
I would like to have crackerjack’s babies for the way he got Theia Magic
Done Up Like A Kipper she was, hung by her own petard
Her comment to that was amusing bit this is even more amusing in the light of this:
[Edit: Someone challenged the image showing that Arooga is Crackerjack, saying anyone could have written that on the forum. I edited down the screenshot I was given and now include a bit more to show this was a message sent directly to zFire. The message and the screenshot predate Friday’s crack on the database.]
It seems Crackerjack, in an attempt to beef up his security by changing his email address, locked himself out of that account. He decided Arooga would be fun for alt games. Strange from someone who finds alt outing so important.
So Arooga wants to have Crackerjack’s babies? Nice to see him getting in touch with his feminine side.