AO: We are back from the dead... again! After an 18 day outage, we are finally alive and well. Who knew how complicated updating software/databases from 2008 would be. I still have a lot of tweaks to make, but my main goal was getting everything patched and updated to 2026.
vBulletin 6 has changed a lot since 2008 so we will have a ton of new features to dig into.
If you really want to catch them, the key is not to touch anything and let Foundstone do an Incident Response. The number one thing is to document everything that is done to the computer after it has been hacked. When it gets to be court time the perp will get off if every step of the incident response was not documented.
In the event of an Incident, Foundstone did not even want the servers to be turned off or unplugged from the network. The only way to find rootkits is to look in the memory of the system, and once the system is powered off valuable forensics information is lost.
Here's a good book that will demonstrate everything in an Incident Response.
But realistically this is probably from over seas and there won't be a GD thing you can do about it.
Your server probably has a rootkit installed by now, so do not reuse the OS. You will need to completely rebuild the server, but only after you have had an Incident Response done or decided not to do one.
Good luck, and unless you are losing thousands/millions of dollars an hour in sales it really is not worth it. Wipe your system and start over.
When you search for ahmadso on Google there's quite a few references to a Muslim extremist hacker. I'm guessing the problem is not from the USA and not likely to end in a favorable outcome. Either way I hope that things get back on track soon.
If you need a place to dig a hole or dispose of a rather large flimsy garbage wrapped package I've got a few places no-one would ever look.
I would STRONGLY encourage you not to waste any money attempting to track down a vanity hack. You'll spend a fortune on computer forensics far in excess of the damages incurred. If law enforcement is willing to take the case, work with them, but I don't think I'd pay money out of my own pocket to track down some dude half a world away.
Looks like you're back up and running now, but hopefully you were able to preserve things like security logs and such. Work with your local law enforcement first; they'll direct you to the correct agency, where you'll probably be ignored completely because your website name wasn't Amazon or eBay.
They'll ask you for things like log files, maybe the physical hard drives if you have them.
Definitely make sure that you don't just "fix" the issue to bring the site back online. If you got rooted there's nasty stuff lurking below.
Restoring the data isn't good enough; you need to wipe the OS clean, rebuild with current security patches, etc., then restore your data from backups. If your host does image-level backups of your site this gets even easier. You can restore the full system to its pre-hack state and then apply security patches and stuff.
The question will also be whether your database was hacked as well. If they run on the same machine, assume that they were. If not, check security logs (or have your hosting people do it) to see if any connections from the same IP address were made to the database server.
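The last point, checking whether the address seen in the web logs also connected to the database server, is the kind of thing worth scripting so it can be repeated from preserved log copies rather than done by eye. The following is an added example, not code from the thread or from any of the posters; it assumes an Apache combined-format access log for the web tier and MySQL general-log style "Connect" records for the database, and all log lines below are constructed samples (the IP addresses are documentation ranges, not real attackers). It also assumes both servers log in the same time zone, so the Apache offset is dropped before the two timelines are merged.

```python
"""Correlate a suspect IP across web-server and database logs.

Added example for the forum discussion above, not the posters' own code.
Given the IP that appears in the web access log around the defacement,
check whether the same address also opened connections to the database
server, and build a single ordered timeline of both. Log formats are
assumptions: Apache combined log (web) and MySQL general log (database).
"""
import re
from datetime import datetime

# Constructed sample: Apache combined-format access log lines.
WEB_LOG = (
    '203.0.113.7 - - [12/Mar/2010:02:13:44 +0000] "GET /index.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"\n'
    '203.0.113.7 - - [12/Mar/2010:02:14:02 +0000] "POST /admin/upload.php HTTP/1.1" 200 301 "-" "Mozilla/5.0"\n'
    '198.51.100.21 - - [12/Mar/2010:02:15:10 +0000] "GET /forum/ HTTP/1.1" 200 9812 "-" "Mozilla/5.0"\n'
)

# Constructed sample: MySQL general-log style records (yymmdd time  id Command  Argument).
DB_LOG = (
    "100312  2:14:30\t    5 Connect\twebapp@203.0.113.7 on forumdb\n"
    "100312  2:14:31\t    5 Query\tSELECT * FROM users\n"
    "100312  2:16:00\t    6 Connect\twebapp@10.0.0.5 on forumdb\n"
    "100312  2:20:15\t    7 Connect\troot@203.0.113.7 on\n"
)

WEB_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})'
)
DB_RE = re.compile(
    r"^(?P<date>\d{6})\s+(?P<time>\d{1,2}:\d{2}:\d{2})\s+\d+\s+Connect\s+(?P<user>[^@\s]+)@(?P<ip>\S+)"
)


def parse_web(text):
    """Return [(datetime, ip, request, status)] from Apache combined-format lines."""
    hits = []
    for line in text.splitlines():
        m = WEB_RE.match(line)
        if not m:
            continue  # skip lines that do not match the expected format
        # Assumption: both tiers log in the same zone, so drop the offset
        # to make the timestamp comparable with the naive MySQL one.
        ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z").replace(tzinfo=None)
        hits.append((ts, m.group("ip"), m.group("req"), int(m.group("status"))))
    return hits


def parse_db_connects(text):
    """Return [(datetime, user, ip)] for 'Connect' records in a MySQL general log."""
    conns = []
    for line in text.splitlines():
        m = DB_RE.match(line)
        if not m:
            continue  # Query/Quit lines carry no client address; ignore them
        ts = datetime.strptime(m.group("date") + " " + m.group("time"), "%y%m%d %H:%M:%S")
        conns.append((ts, m.group("user"), m.group("ip")))
    return conns


def correlate(web_text, db_text, suspect_ip):
    """Collect everything the suspect IP did on both tiers, in time order.

    Returns a dict with the raw web hits, the DB connections, the set of DB
    accounts used from that address, and a merged timeline of (time, tier, detail).
    """
    web = [h for h in parse_web(web_text) if h[1] == suspect_ip]
    db = [c for c in parse_db_connects(db_text) if c[2] == suspect_ip]
    timeline = sorted(
        [(h[0], "web", f"{h[2]} -> {h[3]}") for h in web]
        + [(c[0], "db", f"connect as {c[1]}") for c in db]
    )
    return {
        "web_hits": web,
        "db_connects": db,
        "db_users": sorted({c[1] for c in db}),
        "db_touched": bool(db),
        "timeline": timeline,
    }


if __name__ == "__main__":
    report = correlate(WEB_LOG, DB_LOG, "203.0.113.7")
    for ts, tier, detail in report["timeline"]:
        print(ts.isoformat(), tier, detail)
    print("database touched:", report["db_touched"], "as", report["db_users"])
```

Run it against the preserved copies of both logs with the address taken from the web log; a `db_touched` of True, or a privileged account such as `root` appearing in `db_users`, is the signal that the database has to be treated as compromised along with the web server, which is exactly the "assume it was" case the post describes.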