Update on hacked catiewayne.com forum: now operational again

On March 19, 2013, the forum was hacked.

The database containing every user’s password hash was stolen.  That database also contains, in plaintext, the content of every private message sent from any user to any other user.  Both of these things were temporarily published publicly to unichan, so potentially hundreds of people could have gotten a copy of that database with everyone’s private messages, password hashes, and email addresses.  Potentially dozens of people could be brute-force checking the password hash database right now, and many of the weaker passwords have probably already been found.

The hackers also signed into at least one of the administrators’ control panels and changed all kinds of things.  For example, for the lulz, they added wordfilters so that every instance of the word “Catie” is replaced with the word “fattie” throughout the whole forum, un-modded moderators, deleted the accounts of a few moderator and admin users, and turned off the systems that protect against the spambots.

Some users have already reported that someone has signed in with their password, posted things under their name, and changed their passwords.  Some have even had other accounts unrelated to the forum taken away, such as their email accounts and, in one instance, their Steam account.  (This happens when you use the same password on multiple websites and one of those websites gets hacked.)

Some users changed their passwords at this point (as they should have).

On Mar 20, the database was restored from its previous backup from Mar 16, so it was back to the old passwords.  However, the security hole that let the hacker in was not patched, so the hacker got right back in and started changing things up again.  (I don’t understand why the admin Intrepid didn’t shut down the forum to fix its problems.)

Even though I have not seen any sort of announcement from Intrepid through this entire ordeal, it is my understanding that he is working on getting this fixed so that the hacker no longer has any admin control of the forum.

Update Mar 21: It seems to have been fixed late tonight.  There has been no public communication from Intrepid besides the new note on the top of the forum warning everyone to change their passwords.

Update Mar 22: There is now an announcement about it on the official Facebook page, simply saying the site is going down for updates.  It has since then been up and running.

What to do?

  • First, change your password on the forum (again).  That will keep the hacker or anyone who cracked your password from logging in as you.  When (or if) the database is rolled back to Mar 16 again, change it again after that happens, because it will be back to your old password.  Make the password something you don’t use anywhere else, and make it a longer password, like 12 or more characters.
  • Don’t bother posting to the forum right now; anything you post will not be there when they roll back the database to Mar 16 again.
  • Change your password on any other sites that use the same password as what was in the database at the time it was hacked (March 19).  This is especially true for the account for the email address assigned to your forum account.
  • Read through all your old incoming and outgoing PMs to remind yourself of any personal information contained there, in case you need to do something with that, such as changing a password somewhere.

Who is responsible?

I keep getting asked this question.  Short answer: I don’t know.

Long answer: A few people are blaming Boxxychan, who is the admin of unichan.  I don’t believe this to be the case.  Many people are blaming it on Boxxyfan.  I’m not sure, but I think Boxxyfan, anon77, and f0rby are the same person.  (Not to be confused with forby, a completely different person.)  The person posting the leaked information to unichan is posting as “f0rby”.

He did not use a tripcode, though, so this hacker could be anyone who wants to redirect the blame, or it could be who he says he is; we just don’t know.  As one anon on unichan put it:

It’s not the real f0rby (George) or the fake f0rby (Boxxyfan). It’s 3 layers of impersonation/reference.


Hopefully this is fixed soon and it will all blow over, but even though things like this have happened in the sphere before, none have been of this magnitude.  There is just too much damage from so much personal information being publicly leaked in those private messages.  We have yet to hear what Catie thinks of this.  I intend to provide an update here on occasion.

Update Mar 21: The forum did get taken back down, many things were fixed, and it was put back online; it has been returning to normal late tonight.  We shall see if it is really patched well enough to keep the hackers out from now on.

How to join the Boxxysphere

Being anon is perfectly fine.  Just do that if you want.  But you may desire to make a name for yourself in the Boxxysphere.  Here are some things you can do:

  • Get a YouTube account and use it to subscribe to Catie’s 2 main channels: anewhopeee and boxxybabee. Set it up to email you when there is a new video out.
  • Join the forum at http://forum.catiewayne.com.  That was the first thing I did after creating this site.  Pick a username that won’t tell people your real life identity which you can use on all the Boxxy related sites.
  • Start posting on the forum.
  • Lurk http://chan.catiewayne.com for a while, learn what not to do by watching others get banned.
  • You can post to the chan anonymously but that will not get you known. (Personally, I post there anonymously more often than I identify myself using my tripcode.)
  • Make up a tripcode based on your forum username.  A tripcode is a username, then a # sign, then a password.  Use the same name as on the forum so people recognize your name.  The # becomes a ! and the password scrambles.  “me#password” will become “me!8wUTr7ecJ2”.  Post using that tripcode.  Use 2 # symbols to make it more secure.
  • Get a Twitter account. Add @CatieWayne and other sphere members.  For the most part, if my Twitter account doubledaveee is following them, they are part of the sphere.
  • On Fridays Catie uploads new videos to YouTube and alternates every other Friday between posting to the chan and the forum.  Participating there, on Twitter, and on IRC is among the best ways to become known.
  • Same with other social media sites like Facebook and Google Plus.  Add sphere friends.
  • Don’t use accounts that some sphere members can use to contact people you know in real life.  Why?  Read about the hacking, then doxxing and stalking, that happened to Catie in 2009 and you will see why it isn’t a good idea to let your internet friends know your real identity.  This isn’t nearly as important anymore, though.  It is up to you how secure you wish to be.
  • Get in the Boxxy related Tinychat rooms and IRC channel.
  • Make some type of fan art to get attention for yourself.  When Catie comes back around (every Friday, alternating between using the forum and chan to interact with fans, plus on Twitter), maybe she will have heard of you by then or others can vouch for you.
  • ???