Hacking attempts hit calculator sites
Posted by the ticalc.org staff on 9 December 2015, 23:42 GMT
Last weekend, community
website Omnimaga was breached by an
unknown attacker, resulting in several hours of downtime as the site's staff
purged and restored it. The site's forum software was found to be using an
unusually weak password hashing algorithm, and there are indications that the
attacker may have stolen the hashes, recovered some of the actual passwords, and
used them to compromise accounts on other sites,
including Cemetech and ticalc.org,
targeting users who used the same passwords on the other sites as on
Omnimaga. We also observed a number of scripted login attempts and exploit
searches hitting shortly after the attack.
We advise visitors to be cautious and consider changing their passwords on
Omnimaga and on any other sites, including ticalc.org, where they might have
used the same passwords. We recommend using a unique password for every site and
following safe
password practices.
