Site Password Reset

Hopefully it stops, but I think its because of the server issues not so long ago.

The other way around.

As you may have noticed yesterday, the forum was down in the morning and then again later that night. This was due to an attack on the site. [...] This incident appears to be unrelated to the site downtime that we experienced two weekends ago.
 
Im so glad I found this thread I was a little worried, I've not been able to use the site for almost two days and when I finally managed to get on a proper page the pass reset came up, but im still having problems with anything loading, but im glad people know whats up.
 
Oh my god I logged into the site and thought I was banned, and with my history is wouldn't have been surprised

- - - Post Merge - - -

I bet it was Starrywolf again

Hey I know starry as a friend and he's not smart enough to do that so ://// sorry
 
Oh dear.. that's unfortunate. Will you consider getting TBT under https:// protocol in the near future because of this?
 
Oh dear.. that's unfortunate. Will you consider getting TBT under https:// protocol in the near future because of this?

To be fair, the site having https wouldn't have changed what happened. It would have just meant the site is more secure over insecure networks (such as your local coffee shop's network). MITM attacks are unlikely over your home network (and your ISP likely can monitor your traffic anyway).
 
Yep, all the profiles are broken again. Please fix this before today, as I have a couple people I need to say happy birthday to. :/
 
Yeah broke here too.. honestly I'd rather have other stuff gone than this aaa
 
MITM attacks are unlikely over your home network (and your ISP likely can monitor your traffic anyway).

Regardless of encryption, your ISP can monitor which websites you visit, but only without encryption can they view and modify (such as adding their own adverts) the actual page content. Of course, there may be laws theoretically preventing them from doing so, but that depends on your area.

- - - Post Merge - - -

A+ brilliant idea they definitely did not think of that until right now.

Then why isn't it secure����

The actual website and server is okay in terms of security. There are no obvious ways in and there is only one field I've found on here which can be abused. It's just the connection from the server to the visitors which isn't secure (and for no good reason with it being easy and free to implement these days, but the staff are sick of me mentioning it).

- - - Post Merge - - -

Not sure where that top part of the second quote from. Looks like the website's a bit broken. Won't try and fix it as it's too fiddly on mobile.
 
Last edited:
The user profiles are back. The feedback system was causing this.

Also, please don't answer questions on behalf of the site as it could spread misinformation or panic. The site is secure and we were able to tell how the attacker gained access shortly after it happened. It has been addressed, but I can't disclose details for security reasons.
 
The site is secure and we were able to tell how the attacker gained access shortly after it happened. It has been addressed, but I can't disclose details for security reasons.

We're not expecting you to share how it was done, especially if the process may work on other websites. :)
 
I don't understand why hackers would need to target an ANIMAL CROSSING FORUMS. All they're gonna get is *cough* online user's IP's, emails, and site passwords which TOTALLY couldn't relate to any other passwords they use on other applications and websites (like me)

Still don't get it.
 
Back
Top