Wikipedia:Wikipedia Signpost/2007-05-14/Compromised accounts

From Wikipedia, the free encyclopedia

The Wikipedia Signpost


Administrator status restored to five accounts after emergency desysopping

By Thatcher131, 14 May 2007

Last week the Signpost reported that four administrator accounts which had used weak or insecure passwords were indefinitely blocked and desysopped after they were hijacked by an unknown person who cracked the password.

This week, a fifth administrator account was temporarily hijacked by the same vandal, although it was restored to the user's control a few hours later. All four of the original administrator accounts have been unblocked and resysopped. Mangojuice has proposed a method by which editors may place encrypted identifying information about themselves on their user pages, so they can easily confirm their identity in case of future password attacks (see related story).

KnowledgeOfSelf

On Tuesday, May 8, KnowledgeOfSelf (talk contribs blocks protects deletions moves rights) reported (via an alternate account ActWonActToo) that he had been logged out of his account and his password and e-mail address had been changed. Commenters on the Administrators' noticeboard were initially split on whether to accept the claim, but when KnowledgeOfSelf uploaded an obscene image with a deceptive name, the account was immediately blocked and desysopped. Checkuser confirmed that ActwonActToo was KnowledgeOfSelf, and that the account had been hijacked by the same user who was responsible for hijacking four other administrator accounts the day before. KnowledgeOfSelf stated that he had used a strong password [1] [2], so the method of hijacking remains unknown. KnowledgeOfSelf was able to identify himself to Brion VIBBER, who reset the account password to enable KnowledgeOfSelf to retake control about 5 hours later. Bureaucrat Raul654 restored his administrator privileges.

AndyZ

AndyZ (talk · contribs · deleted contribs · logs · block user · block log) was blocked and desysopped on Monday, May 7, after his password was compromised and his account used for vandalism. AndyZ was unblocked on Tuesday, after establishing his identity to Mark. His administrator rights were restored on Wednesday.

Jiang

Jiang (talk · contribs · deleted contribs · logs · block user · block log), who was also blocked and desysopped Monday morning, was unblocked Monday evening, May 7 and resysopped Thursday evening, May 10.

Marine 69-71

Marine 69-71 (talk · contribs · deleted contribs · logs · block user · block log) was unblocked and resysopped on Monday, May 7, a few hours after the hijacking.

Conscious

Conscious (talk · contribs · deleted contribs · logs · block user · block log) was unblocked and resysopped Thursday after checkuser confirmed that he was still in control of his account.

BuickCenturyDriver

Finally, the indefinite block on BuickCenturyDriver (talk · contribs · deleted contribs · logs · block user · block log) was lifted three days after the incident, based on an apology and on checkuser evidence that he was responsible for blocking Ryulong from AndyZ's account but was not the culprit behind the attack.

See also


Also this week: Compromised accountsCommitted identityAcademic journal coverageWikiWorldFeatures and adminsArbitration