Feeds

Hacked flight sim site in catastrophic crash and burn

Avsim, RIP

New hybrid storage solutions

A popular website for users of flight simulation gear has been felled, most likely fatally, after malicious hackers attacked both of the servers housing more than 12 years worth of content supplied by its 60,000 members.

Tom Allensworth, the founder of Avsim.com, said in a statement that that an attack on Tuesday left the site "effectively destroyed." He added: "The method of the hack makes recovery difficult, if not impossible, to recover from. We are not able to predict when we will be back online, if we can come back at all."

The news sent an outpouring of sympathy and rage on temporary forum boards set up in the aftermath. "I just read a post in the SimV forums about the veritable catastrophe that has struck Avsim, and along with it, the flightsimming community as a whole, and was shocked, furious and saddened all at the same time," one participant wrote.

But the debacle has also led to criticism that Avsim operators didn't take steps to better protect the site's rich store of content. According to Allensworth, data from the library and email server was backed up on a separate server for the website and forums and vice versa. Alas, it would appear there was never a master copy stored offsite and offline, so when both servers were attacked, more than a decade of links, software modifications, and exchanges were permanently destroyed.

"Who would have predicted the simultaneous successful attacks on our system?" Allensworth wrote in one message. "Over 12 years of very secure operation and no successful attacks kind of indicated to me that our approach was at least working. On Tuesday, the 12th of May at about 10:00 p.m. EDT, we found out otherwise."

The trouble started earlier that evening, when parts of the site stopped working, according to this account. First, FTP and SSH access to the site stopped working, and later, the web and forum server was knocked offline. Soon, the email and library server also showed signs of problems. It wasn't until the servers were rebooted that the admins discovered that "the partitions on both servers had been removed."

It remains unclear who is responsible or exactly how the attacks were carried out. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Leak of '5 MEELLLION Gmail passwords' creates security flap
You should be OK if you're not using ANCIENT password
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Enigmail PGP plugin forgets to encrypt mail sent as blind copies
User now 'waiting for the bad guys come and get me with their water-boards'
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.