Hi Everybody,
So here's the story, although we don't know that all the events that occurred were by the same individual or not, but here's what went on:
On 19th February 2019, someone (still anonymous) created in excess of 800 new EE accounts. These were not produced by registering the accounts, so the Captcha didn't matter, and email verification wouldn't have resolved the issue. The accounts were being created through exploits in Player.IO's registration systems, which meant that the hacker could effectively create accounts with whatever information they liked.
These 800+ accounts each had different IP addresses, and were consequently used to spam links in private messages, as many of you experienced during late February and early March. Every time we attempted to delete or ban one of them, a new one would almost immediately be created in its place. For example, on one day, an account was created at 9:06pm, it had been reported in-game by 9:12pm, was banned by 9:15pm, and a new account to replace it had been created by 9:18pm. It was an unending vicious circle.
We made a lot of changes in attempts to combat that, but the hacker always worked around our fixes, and eventually, the only way to stop it was to track down how the accounts had different IP addresses. I'm not going to go into details of how we eventually figured that out, but it wasn't just a regular VPN. Nevertheless, on 17th March, we banned exactly 1,130 IP addresses, which appeared to do the trick, as all the accounts went dormant, no longer used, and the spam stopped.
Due to the timeline here, we believe the same individual decided to change tactic, so they changed their activity completely. Instead of spamming people, they produced a new account with administration powers (as they were still somehow able to create accounts with any information they wanted), and renamed it "Xenonetix" after creation. Due to the nature of how the colored names work in-game, anyone named "Xenonetix" has my colored name, so this was an imposter with administration powers roaming Everybody Edits, all while I was personally asleep. Contrary to popular belief, my account itself had not actually been hacked, and the fake Xeno had a completely new account with barely anything on it.
This then led to a level of havoc that we're unsure EE has ever seen before. People were asking Mr X to give them admin, which Mr X proceeded to do, along with changing the username color of anyone they had given admin to. As staff, we were worried that things could get out of hand, so we had to shut down Everybody Edits entirely for a few hours on Sunday evening & Monday morning.
At this point, I'd like to thank this amazing community. We were really worried about what some people might have done when receiving administration powers, but for the most part, approximately 180 accounts were issued admin, and almost all of them acted very responsibly with it. Sure, most people were just having fun with it in a trying situation, and some people were scared about what was going on, but around 99% of the new administrators were not malicious with the powers they had been issued. Thank you all for that, and we're glad to see the community acted with strength during this time of weakness.
Moving on, we naturally reversed all the accounts that had been given administrator powers, and then turned the game back on again, having made some further changes to combat the problem. But sadly, the story doesn't end there, as on Monday 19th March & Tuesday 20th March, someone literally 'deleted' all the accounts that had been given admin the day before. In addition, almost all staff members and Divine Patrons were also 'deleted'.
Now, as we thankfully have account information in multiple locations around the backend of Everybody Edits, and we back up regularly, being "deleted" wasn't actually the end of the world, as Mr X might have liked us to believe. When people logged on, the game asked to confirm terms and conditions and asked for a new username, but things like friends lists and crews were still completely intact. No worlds (that we're aware of) were deleted in the attacks, but people were worried they had lost them because they were no longer appearing on their account. This was purely a referencing issue, as the account was no longer associated directly to the levels by ID, but they were all still there. Anything bought on the accounts was still present, which meant no items had been lost at all. Effectively, all that had truly been lost was the username (and some minor account details).
Thankfully, LukeM had been making backups regularly, so we were able to restore all 180+ accounts back to their former glory today. I'd like to thank Luke especially for his hard work over the last few days, because the whole situation could have been a lot worse without him. I'd also like to thank Cercul1 for his work combating the 1130 IP addresses.
So that brings us to today. All the accounts have been restored to their former glory! However, they are from backups from Monday, so we have added 2 days to the login streaks of anyone that was affected, and appreciate your patience through these trying ordeals. Apologies for the inconvenience.
As for today's "attack", we've got to hold our hands up and say that one was our mistake. Whoops. Who needs hackers when we do the work for them? When restoring the accounts, we restored many of them to the state they were shortly after EE was shut down Sunday/Monday, which also meant a lot of people were still listed as Administrators, even though they were not. Naturally, this has all been rectified now, and everything should be back to normal.
Meanwhile, behind the scenes, we've taken various steps to prevent this sort of thing from happening again. All the developers now have brand new Player.IO accounts just in case a developer was somehow compromised, and I also have a new account, and have contacted Player.IO to attempt to get the game transferred to it. As such, this would block out anyone that ever had access to the game in the past. All this being said, I would like to reassure you all that your Everybody Edits login credentials were never compromised or accessed by the hacker. Nevertheless, we still recommend changing your password every few weeks.
Thank you to so many of you who supported and helped us through this endeavour. Naturally, we hope this is the end of Mr X's exploits, and we look forward to enjoying Everybody Edits as normal again from now on.
Prize for the most amusing reaction to events recently goes to Tora though:
~ Xenonetix ~
LukeM, Master1, Kirby, drunkbnu, SirJosh3917, Loganyoshi, St1ckS4m(EE), Zoey2070, coinage, Slushie, Security-Drone, Shockfield, Tchelo1234, octodecillion, Kkay, PTU, tijmentij, HelpMe222, mutantdevle, Andymakeer, Raphe9000, Tomahawk, TaskManager, Dencc, drstereos, mikelolsuperman, Snowester, 2b55b5g, Minimania, Piotrek, Teds, lrussell, Swarth100, frostflare, cristiantentu, Gabriellfs, Edilights, AllenCaspe9510
someone (still anonymous)
we have agreed to call them "Mister Man" :^)
that 1% was hexxel
Now we wait for the backlash from demodding 180 admins.
F
thanks hg for making this much better and ty for my avatar aswell
thanks for recovering my account
Keep up the good work.
Xenonetix wrote:someone (still anonymous)
we have agreed to call them "Mister Man" :^)
no, we should call him "some man", if not "some woman"
Time before becoming a Member - Leaderboard
1. Whirl - 9 months
2. KirbyKareem - 8 months
3. pwnzor - 2.4 months
4. MWstudios - 2 months
5. ILikeTofuuJoe - 1.5 months
Piskel is the best GIF maker I've seen
HG's signature for me - Anatoly's signature for me
The Mashed Potatoes Song - The longest post on EE forums - Play my Minesweeper
some man is already taken, woman it is
ninjasupeatsninja wrote:Xenonetix wrote:someone (still anonymous)
we have agreed to call them "Mister Man" :^)
no, we should call him "some man", if not "some woman"
what about starting to call them pipec mwstudios
/s
MWstudios wrote:ninjasupeatsninja wrote:Xenonetix wrote:someone (still anonymous)
we have agreed to call them "Mister Man" :^)
no, we should call him "some man", if not "some woman"
what about starting to call them pipec mwstudios
/s
If I was him, I'd give myself a patreon membership, diamonds, and every classic block, since that's what I always wanted
but I never get those because those attacks happen in midnight
The attack was fearful, I still wonder how you were able to stop it all.
The attack was fearful, I still wonder how you were able to stop it all.
Maybe it was a stunt to get more attention to ee and then it got fixed.
The attack was fearful, I still wonder how you were able to stop it all.
Read carefully and slowly
sad i wodidnt got admin powers i would gladly use mdo text...
Why do I think this is still not over...
Anyway, nice job to the admins for fixing this issue
she/her
also known as DevilCharlotte
search 2bisniekitastan if you wanna find my worlds on ArchivEE
Heads up, seems like these issues are still ongoing.
All Inbox messages, email addresses, and IP addresses have been leaked and are public knowledge.
If PlayerIO is the source of the breach (or if they somehow have access to the client), it's possible passwords should be considered compromised. To be safe, change your password on any service that you reused your EE password on. Can't hurt.
I can't speak for the EE Staff, I only manage the forums and my only source of information is what's posted on these forums, but since we don't seem to know the full extent of this hack, it might be wise to avoid EE for a little bit. At least until we get a final word from the EE staff that this case is closed.
"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto
Heads up, seems like these issues are still ongoing.
All Inbox messages, email addresses, and IP addresses have been leaked and are public knowledge.
If PlayerIO is the source of the breach (or if they somehow have access to the client), it's possible passwords should be considered compromised. To be safe, change your password on any service that you reused your EE password on. Can't hurt.
I can't speak for the EE Staff, I only manage the forums and my only source of information is what's posted on these forums, but since we don't seem to know the full extent of this hack, it might be wise to avoid EE for a little bit. At least until we get a final word from the EE staff that this case is closed.
ill be honest, the fact that you had to step in is pretty pathetic. i’m glad you’re at an unbiased stance and handled the situation well. i cant say the same for the staff team
Different55 wrote: Heads up, seems like these issues are still ongoing.
All Inbox messages, email addresses, and IP addresses have been leaked and are public knowledge.
If PlayerIO is the source of the breach (or if they somehow have access to the client), it's possible passwords should be considered compromised. To be safe, change your password on any service that you reused your EE password on. Can't hurt.
I can't speak for the EE Staff, I only manage the forums and my only source of information is what's posted on these forums, but since we don't seem to know the full extent of this hack, it might be wise to avoid EE for a little bit. At least until we get a final word from the EE staff that this case is closed.
ill be honest, the fact that you had to step in is pretty pathetic. i’m glad you’re at an unbiased stance and handled the situation well. i cant say the same for the staff team
Like every time I see your name on a post it's an insult, like I **** but it honestly gives me a headache - "Pathetic", like why can't you just say "Hey good job diff for doing your **** job! Really appreciate some type of information about everything that's been happening with all these posts on the forum you run!" Sure communication is not nearly as good as it should be, but why not just listen to the admins working on the situation instead of trying to get a special star for spitting an insult and showing up.
long
haha! i like this post attacking someone i don’t like. wooting this rn!
it’s a good thing i literally could not care less about anything against me so long as it’s from ee - i’ve tried my part but fatman refused. thanks for getting mad over the smiley game forums!
however we digress, though. the admins have literally admitted to not working on the situation and there’s still yet to be an official announcement
Kkay wrote:long
haha! i like this post attacking someone i don’t like. wooting this rn!
it’s a good thing i literally could not care less about anything against me so long as it’s from ee - i’ve tried my part but fatman refused. thanks for getting mad over the smiley game forums! however we digress, though. the admins have literally admitted to not working on the situation and there’s still yet to be an official announcement
you're disabled and should get off the internet
however we digress, though. this situation is pretty bad
It's :clap: Spam :clap: If :clap: The :clap: Mods :clap: Don't :clap: Like :clap: It
And it's getting hacked again ._.
Hits that yeet all day and all night
Kkay wrote:long
haha! i like this post attacking someone i don’t like. wooting this rn!
it’s a good thing i literally could not care less about anything against me so long as it’s from ee - i’ve tried my part but fatman refused. thanks for getting mad over the smiley game forums! however we digress, though. the admins have literally admitted to not working on the situation and there’s still yet to be an official announcement
"I don't care about anything you say haha!" It's like you don't even know what you're talking about so you just decide to be rude and shoot insults for no reason. "Tried my part" is even funnier because you don't have a part, let the grownups handle the situation I love how you think you could do a better job than like every single staff member.
And I'm super sorry for getting upset on a smiley forum, I didn't realize I was talking to a smiley wiki mod
Kkay, Onjit, XxAtillaxX, Minimania, PTU
Please keep future discussion relevant to the breach. This isn't the place for any of that.