I’m Garnet who take charge in story and web development. The most annoying thing for me just happened this week. Our website http://www.ascenderthegame.com has been hacked twice in two days by some irresponsible hacker groups.

How the web supposed to show

First attack was identified by Citrine, Lead Sound Design and Marketing, after he got a report from Australian named Zack in Indie Game Marketing Facebook Group on Tuesday, 1 September 2015, at 6.15 in the morning. I already woke up in that time, read LINE message from Citrine and he sent me the hacked web screenshot. The first hackers launched a Defacing Attack!

The First Defacing Attack on Ascender The Game Home Site

In a second, I checked our administrator area in the site, I try to make things right and make the home page right but I didn’t notice that our first devlog already defaced too. I analyzed this attack, it’s not really a harmful attack because its only change the look in our website, anything else (files,codes,images) was completely safe, so I replace the index file and modify .htaccess back to normal. But, I suspected they already put a backdoor (that are related to the next attack).  I tried to track down the hackers and in a short time with our networking (friends of friends of friends) + IP tracker tools, we found out the suspect who responsible for defacing our website.

Suspect of first attack on Ascender The Game website in social media

Then, 2nd attack happened in Tuesday evening! This attack is stronger than before. They not only took the page of our web, but also delete all the files in our server! Mother Father! Holy Ship! Football Club of United Kingdom!

The 2nd Attack Screenshot on Ascender The Game Website

After took off from my prime job and got home, I worked on this attack long enough. I’ve been able to track 4 IPs that are inject some scripts in our web, 2 from Jakarta, 1 from Palembang, and another 1 from East Java. When I was in the administrative mode, they were active also, so I can easily track down the activities and put a bait to know where the hole of our system. I made some backups, took off their shell (hacker) script, and made up some script as a bait.

Guess what??? The hole has been found, they were using our less secure devlog (original devlog) that has been using hosted WordPress. We decided to move the devlog to http://www.wordpress.com that a way more secure and reliable than hosted WordPress (in fact, it is because that we only know less about hosted WordPress security, but no doubt with its engine). And, here we are at the new devlog of Ascender The Game! The main website http://www.ascenderthegame.com is secured and safe at least for now! Cheerio 🙂

Signing out from Game Changer Team Headquarters! See you in the next story!

Garnet