Hi,
As you are probably aware the site was hacked today...actually it wasn't hacked as such.

What actually happened was that another site hosted on the same server as BTTOS enabled some Turkish script kiddies, using a proxy in Egypt, to run an exploit on that account, which in turn allowed him full access to that account only. He then uploaded a web/php shell which allowed him to execute shell commands, basically run commands that tell the server to do certain things. He then ran a RFI (Remote File Inclusion) attack and then people were met with the lovely "hacked" page this afternoon.

All in all it took me 20 seconds to revert what had been done. But unfortunately I couldn't do that from work, hence the downtime.

I'm still waiting for the server provider to get back to me with further information. But from what I have found out they haven't actually breached the security of any part of BTTOS. So there should be no cause for concern about your passwords, emails, PMs or any data. However I would suggest, just to be on the safe side, that you change your password anyway.

I'll update this post as and when more information is available.

Sy

Latest update.

The previous server provider has now been acquired by a larger company and because of this and the fact that the old server required a full rebuild due to the previous provider not making it secure, take yesterday for example :roll:, and other users having compromised accounts, the BTTOS account is fine, they had to take the server down to stop further problems. Unfortunately we were not made aware of this and the downtime was as much of a shock to you as it was to Mike and myself.

Anyway, things are back up again, but be warned there could be further downtime still to come. Hopefully we will get prior warning of this though!