Main Page

9th May 2013 - Downtime/Security issue update

Last month we elaborated on the downtime of a number of our services from approximately 1st April - 9th April 2013. We revealed that the downtime was a result of our admins identifying "suspicious activity" surrounding our primary server.

Three days ago, a hacking group published a document detailing some of their latest activities. In it, they claim that SwiftIRC servers were targeted because they believed that a rival group may be using our network for their own communication. The document goes on to detail how the group compromised some high profile targets including Linode and its domain registrar, all in an effort to gain access to SwiftIRC servers and consequently the unnamed rival group.

We can confirm that SwiftIRC uses Linode to host a variety of our services, and that in the early hours of April 1st 2013 we were alerted to suspicious activity on our primary server (specifically, an unexpected reboot). While investigating the cause of this reboot we also became locked out of our Linode management account. At this point we requested assistance from Linode, and thankfully they were able to rapidly investigate and disable our compromised account as well as shut down the affected server to prevent any further damage.

With the server offline and assumed secure for the time being, we began attempting to discover the root cause of this security compromise. Unfortunately, we were unable to find any explanation for the compromise through the expected channels (an admin's home computer being compromised etc.).

During our post-mortem we were also able to identify the activity that took place on our compromised server during the approximately 20 minute window that it was accessed. It appears that in addition to gathering basic information on the server itself, the attacker was attempting to create some sort of backdoor into our server as well as create a compressed archive of various locations on our server, apparently intending to retrieve it at a later date from our own web site.

However, based on what we have been able to determine, the attempts to retrieve any of our internal or user data were unsuccessful through this vector due to the limited amount of time that the server was accessible. While it appeared that the server was not irrevocably compromised, we decided to err on the side of caution and keep it offline while preparing a brand new server installation.

With regard to the allegation that this security compromise (as well as that of our service provider) was related to a "rival group" using our services, we have conducted a basic analysis of our current user base and concluded that the majority of our users and channels are legitimate. Obviously it is entirely possible for users to create private channels and discuss any subject -- controversial or not -- without oversight or knowledge from the network staff or users in general. This is a result of SwiftIRC's size and diversity, and while it is regrettably possible for a small number of users to cause trouble for the network at large, we do not believe that this is a fair reflection of SwiftIRC or its users in general.

This overall situation, if reported accurately, is concerning for us as it is unlike anything else we have seen in our 8+ years of operation. With this eye-opener on the sorts of unwanted attention our network could conceivably receive, we will endeavour to refine our own security policies and practises so that we are in a better position to avoid any further issues of this nature.

We would like to thank you for your understanding and continued support for SwiftIRC.

- The SwiftIRC Administration

4th May 2013 - Server Delinked: intersect.tx.us.swiftirc.net

Let it be known that henceforth, Intersect and its Server Administrator Nerdie is delinked from the network.

Please keep in mind that this means Nerdie is no longer a staff member, and should not be trusted with any 'confidential' information.

Consequently, we have performed some maintenance on our servers and we encourage users experiencing any instability to please come to #support and report it to an Operator there.

In more important (and much more interesting) news, we have decided to promote Jake to the role of IRC Operator in hopes that he will bring some sort of order to the chaos.

We welcome Jake and the ideas and support he brings to the network, and thank him for all the service he has provided as a Help Operator.

Please treat him with respect (or not) as he goes through the transition stage and learns the ropes (at a grandma's pace, seriously what is up with this guy does he even lift?)

“Just as I had long suspected, a person didn't really need math for anything anyway. Maybe some people did. Some limited people.”

― Augusten Burroughs, Possible Side Effects

17th April 2013 - SwiftIRC Class Event This Weekend!

Hello SwiftIRC Users,

The SwiftIRC Class Team is proud to announce a 4th event for the SwiftIRC network! This class event will cover basic channel management, followed by a question and answer session. Hopefully this session will give you the opportunity to learn something new about essential ChanServ features and commands.

Please note that this will be part 1 for 'Channel Management' - we fully expect to host a part 2 in the near future!

The topics involved in this class are as followed:

• Registering a Channel

• Basic Channel Maintenance

• ChanServ Access

When:

Where: #class

Topic: Channel Management (pt 1)

Who: YOU and the SwiftIRC Class Team

Visit our forums and you can join in on the discussion!

We hope to see you there!

Thanks, SwiftIRC Community Department

Browse the news archive