Technic News

Why The Downtime?

Hi.

 

Yesterday an admin account was compromised within the Technic Platform software we use. Our servers, databases and other assorted 'very important' things were NOT compromised, only the internal software we use to administrate the Platform itself. 

The result of this was someone used the admin account to grant a brand-new account admin access, and then went around deleting packs and changing emails to accounts. Immediately this was noticed (you can’t just delete the most popular user-created modpack of all time) and the servers themselves were shut down by me. Thus, the 503 page everyone saw for the last 12+ hours. 

 

I want to be clear that our passwords are hashed and salted and can’t be accessed from the Platform software. An admin can change passwords but can’t see what the current passwords are.

 

The result of this now is that the last day or so has been erased from the Platform’s memory and it thinks it was around 24+ hours ago. Our security has been re-done and now we offer various features. The most important one would be 2-factor authentication. It’s available for any user in your profile page if you’d like to use it (and I’d suggest you do if you run any sort of business ventures with your modpack/servers). As far as another issue happening like this it should be very unlikely as admin accounts within our software can no longer admin other admins which prevents specifically what this attack did. 

 

As for why we were attacked? There is a lot of money that is moved around because of the Platform. While we at Technic don’t run servers or accept donations, server operators use the Platform to serve their customers. Because of this there is real value that can be targeted when it comes to modpacks, servers, rankings and the accounts attached to them.  

 

Thanks for all your guys’ patience with us as we dealt with this issue. We’ll be keeping an eye out as always for anything weird that happens and hopefully have prevented other attacks that use this avenue.   

 

-KakerMix  

Comments

You must be logged in to comment. Click here to register a new account or log in.
all my modpacks deleted from my platform and some of them are deleted entirely, is it caused by this? my base in Crafting Dead took me lot of time to make, y'no
patrikcath 8 years ago
no, I've had that issue before, but if you go into your application support folder(on mac) or you %AppData% (windows) then you can see your modpacks folders, and all of mine where still there
Posted by swordmaster1713 8 years ago
thanks, but im using linux :D
Posted by patrikcath 8 years ago
still applies, i use linux too
Posted by swordmaster1713 8 years ago
oh, just realized, this isn't linux oops
Posted by swordmaster1713 8 years ago
This can be one in all the reasons Max Gain Xtreme reviews experiences is broadly taken as a steroid likewise. Hence if you begin taking synthetic steroids, they are doing two things whilst: they develop the quantity of testosterone and so they support you in constructing you muscular tissues. Max Gain Xtreme eternally encouraged that these ought to be consumed in a appropriate method and introduced simplest when prescribed considering the fact that the over does can have an effect on the physique in several approaches in which. >>>>> http://www.supplementmag.com/max-gain-xtreme-reviews/
stacytippisy 8 years ago
This can be one in all the reasons Max Gain Xtreme reviews experiences is broadly taken as a steroid likewise. Hence if you begin taking synthetic steroids, they are doing two things whilst: they develop the quantity of testosterone and so they support you in constructing you muscular tissues. Max Gain Xtreme eternally encouraged that these ought to be consumed in a appropriate method and introduced simplest when prescribed considering the fact that the over does can have an effect on the physique in several approaches in which. >>>>> http://www.supplementmag.com/max-gain-xtreme-reviews/
stacytippisy 8 years ago
This can be one in all the reasons Max Gain Xtreme reviews experiences is broadly taken as a steroid likewise. Hence if you begin taking synthetic steroids, they are doing two things whilst: they develop the quantity of testosterone and so they support you in constructing you muscular tissues. Max Gain Xtreme eternally encouraged that these ought to be consumed in a appropriate method and introduced simplest when prescribed considering the fact that the over does can have an effect on the physique in several approaches in which. >>>>> http://www.supplementmag.com/max-gain-xtreme-reviews/
stacytippisy 8 years ago
can anyone make a tiny turtle modpack on his how to train your dragon series wich is compatible with windows 8
Posted by charmand3rp 8 years ago
fucking love you man you're the REAL MVP you guys all ROCK
kouleifoe 8 years ago
is that wh yi cant login to a server or do i just have bad internet
juantheblock 8 years ago
That's very annoying. I have a pack I manage for a streamer and lucky me during the downtime the pack did not have any dire issues I needed to fix. But also I couldn't let people who the streamer and I approved into the pack that night. So I hope nobody tries anymore malicious attacks on this site, it is very useful for me and others.
Nut_Zach 8 years ago
That's very annoying. I have a pack I manage for a streamer and lucky me during the downtime the pack did not have any dire issues I needed to fix. But also I couldn't let people who the streamer and I approved into the pack that night. So I hope nobody tries anymore malicious attacks on this site, it is very useful for me and others.
Nut_Zach 8 years ago
Hi KakerMix, My first notification of this was when I a link to a modpack landed on your change password page. Having not received an email notifying me of this breach, I was alarmed. Re-direct of URL's is a common hacking method for gaining Account Password. Therefore, I went to the address bar to check your SSL Site Certificate and there was not one. This raised 3 concerns. I'm not trying to point fingers. I'm just trying to bring some security concerns to your attention; 1) You don't appear to notify your users via their registered emails when an attack happens. An emergency notification process should be put in place here so, users don’t get caught off guard. 2) Your users are logging in to your website over an un-encrypted connection that allows people to easily sniff the packets sent and see their passwords in plain text. 3) You don't have a certificate so users can be sure they haven't had their DNS redirected to a spoof site that collects accounts. Please let me know if I'm missing something as I would love to be re-assured that your site is secure. Thanks, -Xaxilis
Xaxilis 8 years ago
These are all good points, and I hope they get addressed
Posted by skwerlman 8 years ago
These are all very good points I hope KakerMix reads this and can help technic also good job to everyone who helped stop this fast and catches on to it keep doing your jobs :) -lots of love iiSkyWaffles XXX
Posted by iiSkyWafflez 8 years ago
shame about the trolls :/ i was wondering why i couldn't assess the website to update my modpack!
kingMCchris 8 years ago
Woot Woot to the whole team that caught on quickly and solved this fast, you guys are the best :)
Ameliawrites 8 years ago
I'm glad you guys were able to catch this and are taking it seriously. Lot's of love towards Technic and all that do what they do to keep it safe~
Mansonite 8 years ago
Our pack are still offline.... as they were deleted by this attack. We hope this can be fixed because we put a lot of hard work and effort into them.
Neobyte-Network 8 years ago
wow that sucks
Posted by sophienix_Neuroi 3 years ago
Damn. Good work
f3rullo14 8 years ago
CD was not compromised right?
Posted by jeroen8 8 years ago