Blender website under maintenance due to hacking attempt (twitter.com) 44 points by funkaster 5y ago ↗ HN
[–] ralusek 5y ago ↗ What monster would hack Blender? [–] hanniabu 5y ago ↗ Seriously. There's so many worthy targets out there so much more deserving and here they are attacking a top open source project. [–] Ansil849 5y ago ↗ Most website 'hacks' are not targeted, but are the result of automated scanning tools for known vulnerabilities. [–] anaganisk 5y ago ↗ Thinking on a hacker perspective, it makes more sense because he can reach wider audience. [–] esperent 5y ago ↗ ... Autodesk? [–] sporkologist 5y ago ↗ No, more likely Microsoft Paint 3D [–] Shadonototro 5y ago ↗ you laugh, but i heard Microsoft wanted to offer their services for Blender CloudI also heard some acquisition talksYou'll be surprised what we hear when you can step into shareholders meetings ;)It's pretty common, microsoft is on the offensive stance these days ;) it's nasty, but "we are at war" right? i mean "they" [–] Flex247A 5y ago ↗ I'd bet on Tux paint ;) [–] chaostheory 5y ago ↗ Someone who’s real target is Blender’s users. [–] DarkStar851 5y ago ↗ Yep, seeing a lot of these pop up lately. Probably an attempted supply chain attack.https://en.wikipedia.org/wiki/Supply_chain_attackedit: To be clear, if it was this, it wasn't successful. Blender team checked out the downloads and everything's fine. But that's a likely motive I'd say. [–] c2h5oh 5y ago ↗ Hardware you'd get for good performance with Blender also happens to be the hardware you'd get for crypto mining.. [–] c2h5oh 5y ago ↗ Blender users are one of the most profitable targets if you could get crypto mining malware on their PC.
[–] hanniabu 5y ago ↗ Seriously. There's so many worthy targets out there so much more deserving and here they are attacking a top open source project. [–] Ansil849 5y ago ↗ Most website 'hacks' are not targeted, but are the result of automated scanning tools for known vulnerabilities. [–] anaganisk 5y ago ↗ Thinking on a hacker perspective, it makes more sense because he can reach wider audience.
[–] Ansil849 5y ago ↗ Most website 'hacks' are not targeted, but are the result of automated scanning tools for known vulnerabilities.
[–] anaganisk 5y ago ↗ Thinking on a hacker perspective, it makes more sense because he can reach wider audience.
[–] esperent 5y ago ↗ ... Autodesk? [–] sporkologist 5y ago ↗ No, more likely Microsoft Paint 3D [–] Shadonototro 5y ago ↗ you laugh, but i heard Microsoft wanted to offer their services for Blender CloudI also heard some acquisition talksYou'll be surprised what we hear when you can step into shareholders meetings ;)It's pretty common, microsoft is on the offensive stance these days ;) it's nasty, but "we are at war" right? i mean "they" [–] Flex247A 5y ago ↗ I'd bet on Tux paint ;)
[–] sporkologist 5y ago ↗ No, more likely Microsoft Paint 3D [–] Shadonototro 5y ago ↗ you laugh, but i heard Microsoft wanted to offer their services for Blender CloudI also heard some acquisition talksYou'll be surprised what we hear when you can step into shareholders meetings ;)It's pretty common, microsoft is on the offensive stance these days ;) it's nasty, but "we are at war" right? i mean "they"
[–] Shadonototro 5y ago ↗ you laugh, but i heard Microsoft wanted to offer their services for Blender CloudI also heard some acquisition talksYou'll be surprised what we hear when you can step into shareholders meetings ;)It's pretty common, microsoft is on the offensive stance these days ;) it's nasty, but "we are at war" right? i mean "they"
[–] chaostheory 5y ago ↗ Someone who’s real target is Blender’s users. [–] DarkStar851 5y ago ↗ Yep, seeing a lot of these pop up lately. Probably an attempted supply chain attack.https://en.wikipedia.org/wiki/Supply_chain_attackedit: To be clear, if it was this, it wasn't successful. Blender team checked out the downloads and everything's fine. But that's a likely motive I'd say. [–] c2h5oh 5y ago ↗ Hardware you'd get for good performance with Blender also happens to be the hardware you'd get for crypto mining..
[–] DarkStar851 5y ago ↗ Yep, seeing a lot of these pop up lately. Probably an attempted supply chain attack.https://en.wikipedia.org/wiki/Supply_chain_attackedit: To be clear, if it was this, it wasn't successful. Blender team checked out the downloads and everything's fine. But that's a likely motive I'd say.
[–] c2h5oh 5y ago ↗ Hardware you'd get for good performance with Blender also happens to be the hardware you'd get for crypto mining..
[–] c2h5oh 5y ago ↗ Blender users are one of the most profitable targets if you could get crypto mining malware on their PC.
[–] kevincox 5y ago ↗ I'm confused by the word "attempt". If it was just an attempt why is the site down?Is it taking the site offline that thwarted the attempt? Or was the attack successful and they are working on mitigation and restoration? [–] tinus_hn 5y ago ↗ - Perhaps they want to make sure they know what information was taken- Perhaps they want to make sure they know what happened so they can make sure it doesn’t happen again- Perhaps they need time to do a full restore just in case [–] kevincox 5y ago ↗ Those three all sound like there was a successful hack. [–] tinus_hn 5y ago ↗ What is an ‘unsuccessful hack’?
[–] tinus_hn 5y ago ↗ - Perhaps they want to make sure they know what information was taken- Perhaps they want to make sure they know what happened so they can make sure it doesn’t happen again- Perhaps they need time to do a full restore just in case [–] kevincox 5y ago ↗ Those three all sound like there was a successful hack. [–] tinus_hn 5y ago ↗ What is an ‘unsuccessful hack’?
[–] kevincox 5y ago ↗ Those three all sound like there was a successful hack. [–] tinus_hn 5y ago ↗ What is an ‘unsuccessful hack’?
16 comments
[ 3.0 ms ] story [ 50.5 ms ] threadI also heard some acquisition talks
You'll be surprised what we hear when you can step into shareholders meetings ;)
It's pretty common, microsoft is on the offensive stance these days ;) it's nasty, but "we are at war" right? i mean "they"
https://en.wikipedia.org/wiki/Supply_chain_attack
edit: To be clear, if it was this, it wasn't successful. Blender team checked out the downloads and everything's fine. But that's a likely motive I'd say.
Is it taking the site offline that thwarted the attempt? Or was the attack successful and they are working on mitigation and restoration?
- Perhaps they want to make sure they know what happened so they can make sure it doesn’t happen again
- Perhaps they need time to do a full restore just in case