- It is not known for sure that the attacker copied any password hashes, but it should be assumed that he did.
- No forum data is known to be damaged or maliciously altered; Bitcoin Talk has decided to proceed with the most recently active database.
- The attacker first paid for a donator account so he could change his displayed username. The displayed username field is not escaped properly, so he was able to inject SQL from there. He took over Satoshi's account, and from Satoshi's administrative interface he was able to inject arbitrary PHP code by modifying the style template.
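The unescaped display-name flaw from the last bullet, as an added example (not the forum software's code and not taken from theymos's post): a Python/sqlite3 model that puts string-built SQL beside a bound parameter. The `members` schema, the function names and both sample names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory stand-in for a forum member table (constructed schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (id INTEGER PRIMARY KEY, login TEXT,"
               " display_name TEXT, is_admin INTEGER DEFAULT 0)")
    db.executemany("INSERT INTO members VALUES (?, ?, ?, ?)",
                   [(1, "admin", "Admin", 1), (2, "donor", "Donor", 0)])
    return db

def set_display_name_unescaped(db, member_id, name):
    # Flawed pattern: the user-chosen name is pasted into the SQL text, so a
    # quote inside it ends the string literal and the rest is parsed as SQL.
    db.execute(f"UPDATE members SET display_name = '{name}' "
               f"WHERE id = {int(member_id)}")

def set_display_name_bound(db, member_id, name):
    # Fix: the name travels as a bound parameter and is never parsed as SQL.
    db.execute("UPDATE members SET display_name = ? WHERE id = ?",
               (name, member_id))

def row(db, member_id):
    return db.execute("SELECT display_name, is_admin FROM members WHERE id = ?",
                      (member_id,)).fetchone()

def compare(name):
    """Apply `name` to member 2 with each setter on a fresh database."""
    results = {}
    for setter in (set_display_name_unescaped, set_display_name_bound):
        db = make_db()
        try:
            setter(db, 2, name)
            results[setter.__name__] = row(db, 2)
        except sqlite3.Error as exc:
            results[setter.__name__] = f"error: {type(exc).__name__}"
    return results

# Constructed inputs: one name that carries an extra column assignment,
# and one ordinary name that merely contains an apostrophe.
CRAFTED_NAME = "x', is_admin = '1"
PLAIN_NAME = "O'Brien"

if __name__ == "__main__":
    print(compare(CRAFTED_NAME))
    print(compare(PLAIN_NAME))
```

The second input is the cheap check: a display-name field that raises a SQL error on an ordinary apostrophe is being concatenated into the query.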
Sunday, September 11, 2011
Bitcoin Forums Restored - Sirius Still In Charge
Well, after a long day of checking whether the Bitcoin Talk Forums were back up, they are. Bitcoin Talk administrator theymos urges all users to change their passwords immediately; it is unclear at this point how much private data was exposed. In this post, theymos explains what has been discovered about the hack and what is known about the perpetrator. Here are the cliff notes:
Posted by TYPELiFE at 12:09 AM