They hit back, ten times as hard, and completely destroyed a well-established forum, with thousands of users, that had experienced an annoying (but not crippling) "penis pill" spam attack.
So like... Backups? Restore, put it behind basic auth and email the password to the members active in the past few weeks, then at your leisure implement some captchas and go from there. Heck, restore the forum publicly as well and use that as a sandbox to see how they'll bypass it.
In all fairness, the person involved was a truly brilliant young man, and the experience pretty much shattered him, emotionally. He has yet to recover from it.
In a way, it can be satisfying to be able to say "I told you so," but seeing the human cost kinda takes the fun out of smugness.
I was not directly involved in the incident; I heard about it after the fact.
My understanding is that a forum spammer started registering fake accounts, and then did what they do. The admin saw this. He was quite smart, and figured out who they were, then executed some kind of attack on their server. I think it was a DDoS attack.
When they responded, they used a bunch of privilege escalation attacks to promote some of their registered users (it was a badly-maintained phpBB site, otherwise known as "Swiss Cheese"), and blew away a lot of the site structure and templates, so it basically imploded.
Yeah, it was his "baby." He was also involved in a running battle of nerd egos with some other folks, who used the incident to discredit him, and drove him out.
He said DDoS, which has nothing to do with the data itself, and auth/captcha won't help. You'll have to upgrade to beefier servers, fatter pipes, or pay for a reverse proxy. CF is free now and kinda helps sometimes, but it wasn't in the past, and any hacker with a grudge can take down your site anyway. It's about forcing you to spend money; which, if you're a hobby site forum host, you probably don't have.
Ah, right, I read it differently but I think you're right. In my initial understanding the spammers hit back by a huge spam wave, but a counter DDoS could also be.