×
  • remind me tomorrow
  • remind me next week
  • never remind me
Subscribe to the ANN Newsletter • Wake up every Sunday to a curated list of ANN's most interesting posts of the week. read more

Forum - View topic
NEWS: ADV Films Website Hacked


Goto page Previous  1, 2, 3, 4, 5

Note: this is the discussion thread for this article

Anime News Network Forum Index -> Site-related -> Talkback
View previous topic :: View next topic  
Author Message
DemonEyesLeo



Joined: 20 Feb 2005
Posts: 844
Location: Japan
PostPosted: Tue May 09, 2006 6:36 pm Reply with quote
Glad to see them back up. I was going to order something off their site until this hack happened. Now that's it's over I can order.
Back to top
View user's profile Send private message AIM Address My Anime My Manga
Kriptor



Joined: 04 Jan 2003
Posts: 1
Location: ca
PostPosted: Tue May 09, 2006 7:27 pm Reply with quote
Obviously ADV will help fund a new anime project called AYYILDIZ TEAM that involves turkish terrorists hacking random sites in the name of the Ottoman empire. The theme song will just be that logo flashing randomly playing with that music, then through out the show that same song will randomly play during every hacking scene. ............. hey it could be cool! Didn't you ever see that movie hackers!

AYYILDIZ TEAM is the best of cyber attack group in the world not to be confused with AYIYLDZI TEAM is the best of cyber sex group in the world, who will show up in episode 12 when the two groups get into a fight over there similar names.

Serious tho who sings that song and what is it called!


Last edited by Kriptor on Tue May 09, 2006 7:38 pm; edited 1 time in total
Back to top
View user's profile Send private message AIM Address
-Hentai-



Joined: 08 May 2006
Posts: 5
Location: Maine
PostPosted: Tue May 09, 2006 7:35 pm Reply with quote
Kriptor wrote:

Serious tho who sings that song and what is it called!


I'm guessing "Mehter" by Pentagram (haven't heard of it before, though). I made a thread on the Anime Network forums about the hacking. The links to the song and forum it was hosted on no longer work, though.

EDIT: Oh yeah, you have to register to view that part of the forum... If you want to see the thread, just go 'n register.
Back to top
View user's profile Send private message Visit poster's website AIM Address
Zalis116
Moderator


Joined: 31 Mar 2005
Posts: 6900
Location: Kazune City
PostPosted: Tue May 09, 2006 9:28 pm Reply with quote
Actually, if this group's claims are to be believed, maybe ADV should contact them and take advantage of AYYILDIZ's mysterious powers in order to erase all sites hosting torrents of ADV materials from the Internet Laughing
Back to top
View user's profile Send private message My Anime My Manga
fighterholic



Joined: 28 Sep 2005
Posts: 9193
PostPosted: Wed May 10, 2006 1:33 am Reply with quote
I juzs got a look at the original hack, and that's a bad-ass design right there. Maybe for a tattoo or something. And the guy said he liked the "Turkish terrorist music"
Back to top
View user's profile Send private message My Anime
Yoda117



Joined: 11 Sep 2005
Posts: 406
PostPosted: Wed May 10, 2006 8:13 am Reply with quote
As previously reported, the ADV Films webiste at www.advfilms.com was hacked on Saturday morning by a group of Turkish hackers called Ayyildiz. Webpages on the site were defaced with the Ayyildiz logo message. Ayyildiz commonly hacks websites and defaces them with a propaganda message claiming that the Armenian genocide was an act of self-defense. The message also attacks the Kurdish PKK and their backers, and states that any country that is treacherous towards Turkey will have its websites "erased from the Internet."

A mirror of the original hack can be seen here.

ADV removed the hacked server on Saturday morning, no more than a few hours after the original hack itself. Their website resumed regular operation on Sunday evening. According to Mark Williams, CTO at ADV, they took advantage of the downtime to implement several already prepared expansions, including the addition of new servers. The reparations took longer than Williams would have liked as it was the weekend and several staff we're out of town for the weekend. "Plus," adds Williams, "We liked the Turkish terrorist music."

Williams states that the vulnerability that lead to this attack has been corrected and that the only server affected was a front end content-caching server, no customer data was affected in any way.


Translation: It was a script kiddie attack and we were too cheap with our security to worry about it until it cost us public embarassment and sales.
Back to top
View user's profile Send private message Visit poster's website
Kouji



Joined: 01 Oct 2005
Posts: 978
PostPosted: Wed May 10, 2006 8:32 am Reply with quote
Yoda117 wrote:
[i]

Translation: It was a script kiddie attack and we were too cheap with our security to worry about it until it cost us public embarassment and sales.
Expect that it didn't cost ADV any sales because the customer data was unaffected....
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger My Anime My Manga
DragonsRevenge



Joined: 15 Nov 2004
Posts: 1150
PostPosted: Wed May 10, 2006 8:50 am Reply with quote
For those that care-
Pentagram is a metal band from Turkey (duh). They now go by the name Merzarkabul. For more info: http://bnrmetal.com/groups/pen2.htm
Back to top
View user's profile Send private message
Yoda117



Joined: 11 Sep 2005
Posts: 406
PostPosted: Wed May 10, 2006 9:25 am Reply with quote
Kouji wrote:
Expect that it didn't cost ADV any sales because the customer data was unaffected....


Depends on how you look at it.

I look at it as people not being able to order anything from the website for close to two days. I also look at the number of people who will not order through there anytime soon due to fears of possible compromise.

ADV can say that no customer data was comprimised, and that is probably true. It doesn't change the fact that more than a few people will think twice before putting their CC on the system.

part of the game when you run a webstore.

You choose to view it as, no customer data was affected so there's no problem. I view it as more than a day (actually closer to two) days of lost web sales, and loss of future sales due to customer concerns over security.
Back to top
View user's profile Send private message Visit poster's website
ZeroRyoko1974



Joined: 09 Jun 2004
Posts: 258
PostPosted: Wed May 10, 2006 12:32 pm Reply with quote
I would have to agree with ADV for once, that was a pretty cool tune.
Back to top
View user's profile Send private message
MorwenLaicoriel



Joined: 26 Feb 2006
Posts: 1617
Location: Colorado
PostPosted: Wed May 10, 2006 1:28 pm Reply with quote
Kaym wrote:
Quote:
"We liked the Turkish terrorist music."



.... HAHA ..Yeah..
Twisted Evil


It's nice to see ADV can have a sense of humor about it...Anime hyper

Still, though, it was pretty bad that someone was able to hack their site.
Back to top
View user's profile Send private message Send e-mail AIM Address My Anime My Manga
doc-watson42
Encyclopedia Editor


Joined: 10 Feb 2003
Posts: 1709
PostPosted: Wed May 10, 2006 9:19 pm Reply with quote
joel_s95387 wrote:
I wonder if the Manga Ent. website will ever get hacked and updated. :lol:


Actually, it was updated very recently (as pointed out in the Anime on DVD Forums)—see here. Unfortunately, it requires you to have the latest version of Macromedia Flash. :-P~~~

As for credit card data on ADV's site, they don't seem to keep it longer than necessary to process charges—at least, the shopping cart requires you to input your data every time you check out; there is no option to save it for future purchases.

Lastly, part of the shopping cart seems to still be down, since I can not get it to check out.
Back to top
View user's profile Send private message Send e-mail
Keonyn
Subscriber



Joined: 25 May 2005
Posts: 5567
Location: Coon Rapids, MN
PostPosted: Wed May 10, 2006 10:01 pm Reply with quote
Quote:
Still, though, it was pretty bad that someone was able to hack their site.


Well, can't be too hard on them, unfortunately complete security on the net is somewhat of a myth. Their customer database with credit cards is likely behind encryption but a website wouldn't be and if a group really wants to get in then they probably will.
Back to top
View user's profile Send private message Visit poster's website My Anime My Manga
Anime_Freak



Joined: 07 Dec 2002
Posts: 420
Location: Oklahoma
PostPosted: Thu May 11, 2006 2:42 pm Reply with quote
Keonyn wrote:
Quote:
Still, though, it was pretty bad that someone was able to hack their site.


Well, can't be too hard on them, unfortunately complete security on the net is somewhat of a myth. Their customer database with credit cards is likely behind encryption but a website wouldn't be and if a group really wants to get in then they probably will.


True. Like the old saying goes "If you want something bad enough, you'll find a way to get it" or something close to that anyway. But what I'm saying is that if they REALLY wanted to do serious damage, they would've done more than just deface their front/main page.
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger MSN Messenger My Anime My Manga
Yoda117



Joined: 11 Sep 2005
Posts: 406
PostPosted: Fri May 12, 2006 6:32 am Reply with quote
doc-watson42 wrote:
joel_s95387 wrote:
I wonder if the Manga Ent. website will ever get hacked and updated. Laughing


Actually, it was updated very recently (as pointed out in the Anime on DVD Forums)—see here. Unfortunately, it requires you to have the latest version of Macromedia Flash. Razz~~~

As for credit card data on ADV's site, they don't seem to keep it longer than necessary to process charges—at least, the shopping cart requires you to input your data every time you check out; there is no option to save it for future purchases.


And also your credit card isn't charged automatically when you make an order, or anytime within what one would consider reasonable for an instant transfer of funds.

Meaning that the data is stored for some time, even if it is a short one.

I don't have access to their W2B architecture, so unless someone does for sure, we're left somewhat at a loss. I am sure that someone could get it without authorization directly, but the thought of violating several state and federal laws to do so makes the effort a little less glamorous for me.

Besides, I'd lose my CISSP, SSCP, and various GIAC certifications in the process, and I use those for my FT day-job thank you very much.

Possible jail time doesn't thrill me either.

People are right in saying that if you want something badly enough, you'll find a way to bypass any form of security. Given enough time and resources, no security, physical or electronic is impervious. Additionally, the CIA triangle shows us that in having an easily accessable web store, we lose confidentiality and integrity. However, from many years in the field, I can tell you one immutable fact: whenever one part of a website goes down due to a simple hack, you can rest assured that something even more critical isn't properly protected either.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Reply to topic    Anime News Network Forum Index -> Site-related -> Talkback All times are GMT - 5 Hours
Goto page Previous  1, 2, 3, 4, 5
Page 5 of 5

 


Powered by phpBB © 2001, 2005 phpBB Group