Hacker Alert (Read, No Panic - ended)

8 min read

Deviation Actions

CHRISwillar's avatar
By
Published:
10K Views
Hey guys; this is just a small warning - there's currently a hacker group going around on dART that steals your login info by using already hacked accounts. Simply, by use of coding, this group has changed the url path of several accounts (one of their tricks is by posting a comment on your works, claiming it has been stolen, followed by a link), so that when you go to visit their profile page, you are instead redirected to what seems to be the dART login page. But it's not! If you take a look at the url, you will see that it's in fact not a dART url at all. This what the fake login page looks like:
:thumb339665102:

One of the victims is neomoti - she has been accused for being the hacker, but this girl is not at fault; the hacked account is still in their possession, so she has opened another instead to start over -> XxneomotixX; she explains it in this video: www.youtube.com/watch?v=A-tVxQ… (reuploaded)

The REAL hacker is apparently the group Dong Force: twitter.com/dongforcer (twitter account) & www.facebook.com/dongforcer (facebook account)
They claim to already have info for hundreds of dART accounts, and they plan to disclose them. gary-niger is part of the group.
"Troll coallition causes fear among the people of DeviantArt", article by the group about this attack: bosslegen.de/nf/2012-11-25-dev…


Don't panic, just be aware of this; If you are already logged into dART but gets a login page when trying to visit another account's profile page - check the url before typing in your information! Use your common sense. Please spread this around, so that others won't fall victim. And if you want to troll these hacker, then you can type in false info in the fake login; the hackers have to go through all login info, and this might slow them down Peace! :peace:

Lists of released info on hacked accounts: pastebin.com/tvVwUPaD pastebin.com/iubn84Kq pastebin.com/2ZMimeJm - latest: pastebin.com/PrpQeTZF ~ all the (almost 2400) hacked accounts' info(?) - NEW: pastebin.com/5pp0P6QX
(DF claims to have retrieved more than 2000 accounts out of "courtesy"; claims to have info on more than 2100 accounts)

EDIT: the affected accounts above no longer lead me to the fake login site, so I'm not sure if the attack is over (dART blocked the attack?). I still advice you to be careful, though. Keep an eye on everything suspicious.
The End(?): dART has successfully stopped the hackers' script, so it should be okay. However, please still be careful - you never know when another hack-attack happens again. Also, you might want to take a look on the released list of hacked accounts' info above.
Hacked? If you did type in your info on the fake login site, the hackers' script would immediately have saved your info. You can't do anything about that, but you might still be able to save yourself by changing login info, but this is not certain. Keep a close eye on your account, and if anything changes, go here: FAQ #660: My DeviantArt account has been hacked. What can I do?

PLEASE READ: Hacked?! Are you unable to log into your account? Then stop trying and let it be! Either it's under the hackers' control or dART's; you can't do anything. I don't know how dART works to solve the hacking, but I can imagine that they froze the accounts that have been affected, while they are trying to secure them. And if you keep messing around with it, it might disturb dART and slow the process even more. I also do not know how long it will take before you are able to get it back - it might take hours or days, depending on how serious the situation is - but there's really nothing you can do but wait and hope. Be patient!

And to those who wishes for the hackers to get hacked - are you out of your mind? That won't solve anything. Besides, hacking is illegal, no matter how you use it and on what. Just be glad it isn't Anonymous who's behind this. Please be realistic. And patient.

Also, people: stop treating me like I'm someone who has insight in this. Most of the advices here are based on common sense and knowledge, but I really don't know more than any of you. I don't mind answering your questions and trying to help. But that's all I can do. Please respect that.

Thanks for reading! I hope you all are safe and not too worried - remember, always use common sense~

Alright, darlings, it has been an honour to serve you as information provider about this incident, but I'm going to end it now. There hasn't been any news from the culprits for hours, other than pointless bragging and bashing, and the situation is now fully under dART's control. Thank you for your cooperation, and remember - be careful, be aware and always use common sense. Never panic, stay calm. Thank you.


Be vigilant of phishing scamsYour account's security is of vital importance to deviantART and we're committed to providing our members resources and advice on how to stay safe and secure online.  Earlier today, an individual or group of individuals redirected some deviantART members to a false deviantART login screen by exploiting a cross-site-scripting vulnerability in deviantART's Journal system.  This tactic, commonly known as phishing, allowed the individuals to gain access to some accounts. 
Phishing is a serious matter on the Web. You've probably heard of phishing attempts through emails, the classic example being a fake email from a bank or other trusted authority, asking you to enter your personal information.
Incident details
The individuals discovered and exploited a cross-site-scripting vulnerability in Journals that provided them the ability to redirect deviants to a different website, designed to mimic a deviantART login screen.  Some deviants who did not realize that they were bei

(dART's post - read)


© 2012 - 2024 CHRISwillar
Comments531