On Friday, October 8th, 2021 at approximately 12:04 PM, a player by the name of GamerProPlaysYT (Gamer) joined BCN via the proxy network then left about 20 seconds later. Gamer then joined the Lobby server directly and appeared in the log as a local IP address. How this was accomplished is currently still under investigation. The way a Minecraft network functions is that all servers behind the proxy have to be in offline mode. This means it acts kind of like a cracked server, conducting no authentication whatsoever with the Mojang servers. Since Gamer joined Lobby directly outside the proxy, Gamer was able to spoof its UUID and appear to be any user it wanted to. Gamer decided to spoof me, @StormyIceLeopard, the owner. This unfortunately gave Gamer operator (OP) access. Gamer was able to do anything it wanted. Gamer decided to do harm to BCN. Gamer griefed and destroyed the Lobby, BombBrigaders, and NeoTNT spawns. And on SMP... Gamer wiped my house off the side of the mountain, literally. Gamer also did harm to some plugin configs via commands and messed with our permissions plugin. Ranks/Groups were messed up badly.
Things could have been much worse, though. 4 other players joined BCN during the incident timeframe, at least 2 of them we believe were directly connected to Gamer in some way (eg. being friends). Gamer kept on trying to give OP to these players, but we have safe guards in place to prevent unauthorized use of OP. As soon as these players tried to do anything to interact with the game (move, chat, open inventory, etc.), they were automatically banned for unauthorized OP access.
At approximately 12:28 PM, they all stopped and left. We assume Gamer was frustrated with our anti-OP protection. Then, at approximately 2:00 PM, @SmashbrosThe3rd noticed the log events that took place and started compiling the different logs into a single file to show me what had happened that day. When I got out of class at 3:50 PM, I got into a voice call via Discord with @SmashbrosThe3rd and everything seemed fine... until he told me the news. He shared the file that he had compiled and shortly afterwards I realized the extent of the situation and I quickly shut down all of the servers to prevent further damage at approximately 4:00 PM. For the remainder of Friday and all of Saturday, Me and Smash continued our work, observing and documenting the damage that took place and discussing the possible paths to a full recovery. Due to a lack of proper backups, restoration had to happen manually. HUGE OVER THE TOP THANKS to @SmashbrosThe3rd for helping out on the days he usually takes a break from the PC and enjoys sports on TV.
Throughout Sunday and Monday (October 10th/11th) we worked hard restoring the servers and implementing new safe guards to prevent future incidents like this and new protocols in the event that other incidents do occur we are able to recover faster.
We have also introduced new security measures that you, the average player, can utilize to protect your account on BCN.
We have implemented a 2FA system and a GUI/inventory based 4-digit PIN system.
The 2FA system is based on TOTP, the most secure 2FA method available outside of a physical key.
The 4-digit GUI-PIN system is currently intended to be used alongside our 2FA system because of how it currently functions. Because of this, we may decide to remove it at any time. We'll let you know in a future post if this occurs.
Tutorials on how to use the new security features can be found at the following links (The Tutorials were written by @SmashbrosThe3rd):
2FA Tutorial: https://blizzardcraft.net/in-game_2FA
GUI-PIN Tutorial: https://blizzardcraft.net/in-game_GUI-PIN
We are very sorry for the weekend down time and for the long delay of disclosure to you all. This happened on the weekend before midterm exams. I got very busy and did not have much time to allocate to this issue.
If it weren't for @SmashbrosThe3rd, BCN wouldn't have gotten back online as quickly as it did, the issue persisting longer than it did. Hard times happen, but we get through them and move on, stronger, smarter and more prepared. We are resilient and we will not be discouraged because one person decided to do something that'll get it in serious, real-life trouble. The world offers us challenges. Sometimes, it may seem like they're impossible, but they end up accomplished. How are they accomplished? Perseverance. Harsh endurance. Pure human instinct. We know that more are coming and we will be ready. But for now, we breathe, preparing for what's next. (And, yes, this whole paragraph (Plus grammar & other fun stuff) was written by @SmashbrosThe3rd. If Stormy had wrote that, I would've been more impressed than humans landing on the moon.)
Enjoy playing on BCN once again! I wish you all a great final-third of October, and Happy Halloween! This whole thing has been scary, but rest assured that scary movies are scarier than jumpscares by family and friends. (Oh, and this whole thing, too.)