Bug My server has been hacked, twice.

john01dav

Active Member
Nov 30, 2013
93
2
33
Hello,

Semi-recently a/some player(s) by the name of "Dragnyl," "Animised_Fox," and perhaps "sk8rrchik" (I do not know if these are the same person with alternate accounts or multiple hackers who found some hacked client that found a flaw in FTB -- their IP addresses are all different) have come on my server and wreaked significant havoc.

The first attack consisted of Dragnyl joining, offering creative items, and threatening players. He followed through with these threats by killing players with nukes all over the world. The logs show nothing special in this case, except RebornCore talking about how long explosions took. This player is not in ops.json and they have no data in LuckPerms (other players who have the default rank do have data in LuckPerms). After Dragnyl was banned (which seems to have worked), another account called Animised_Fox joined and wreaked similar havoc.

Now, just today, a player called "sk8rrchik" joined and shortly after everyone online was teleported outside the server's world border to very high coordinates. These very high coordinates caused server crashes when some players joined, and internal server errors when others did. I was able to repair these issues by teleporting these players back to spawn as they joined. It should be noted, however, that sk8rrchick only joined just before this teleportation happened -- they may have nothing to do with it.

Has anyone else experienced similar issues? If so, what did you do? If not, can you recommend anything?

Also, if you need any extra information please let me know, I am quite at a loss for what to do.

Extra information:
  • I am using SpongeForge with FTB Beyond
  • FTB Beyond is entirely default except for the removal of FTB Utilities and RFTools dimensions
  • The additional mods/Sponge plugins are: Dynmap, FlexibleLogin, Nucleus, GriefPrevention, Nuvotifier, LuckPerms, Prism, and MinecraftMarket.
  • The server is running on Ubuntu Server 16.04 LTS x64 with key-only SSH with a key only I have being the only way to access the server.
 

eobie

Guest

Is the server running in offline mode?
 

john01dav

@eobie Sorry for the slow response; no, it is not in offline mode. Additionally, any accounts that would have access to do something like this are set up with two-factor authentication.

Here's the server.properties file:
Code:
spawn-protection=0
max-tick-time=60000
generator-settings=
force-gamemode=false
allow-nether=true
gamemode=0
broadcast-console-to-ops=true
enable-query=false
player-idle-timeout=0
difficulty=1
spawn-monsters=true
op-permission-level=4
announce-player-achievements=true
pvp=true
snooper-enabled=true
level-type=DEFAULT
hardcore=false
enable-command-block=false
max-players=24
network-compression-threshold=256
resource-pack-sha1=
max-world-size=29999984
server-port=25566
server-ip=
spawn-npcs=true
allow-flight=true
level-name=world
view-distance=10
resource-pack=
spawn-animals=true
white-list=false
generate-structures=true
online-mode=true
max-build-height=256
level-seed=
use-native-transport=true
enable-rcon=false
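
An added example, not part of either post: a small audit of the access-related keys in the server.properties posted above, which reports every key whose value differs from a locked-down choice. The `CHECKS` table and its idea of a locked-down value are assumptions of this example, and `SAMPLE` is a constructed excerpt of the posted file.

```python
# Added example: audit access-related keys in a Minecraft server.properties.
# SAMPLE is a constructed excerpt of the file posted in the thread.
SAMPLE = """\
# constructed excerpt of the posted server.properties
online-mode=true
enable-rcon=false
enable-query=false
enable-command-block=false
white-list=false
op-permission-level=4
server-port=25566
"""

# Assumption of this example: key -> (locked-down value, why a defender checks it)
CHECKS = {
    "online-mode": ("true", "false lets clients join under any username without account authentication"),
    "enable-rcon": ("false", "true exposes a password-protected remote console on the network"),
    "enable-query": ("false", "true answers status queries over UDP"),
    "enable-command-block": ("false", "true lets command blocks run commands"),
    "white-list": ("true", "false lets any authenticated account join"),
}

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # or ! comments."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def audit(props):
    """Return (key, value, reason) for each checked key that is not locked down."""
    findings = []
    for key, (safe, why) in CHECKS.items():
        value = props.get(key)
        if value is None:
            findings.append((key, "missing", "not set, server default applies; " + why))
        elif value.lower() != safe:
            findings.append((key, value, why))
    return findings

if __name__ == "__main__":
    for key, value, why in audit(parse_properties(SAMPLE)):
        print(f"[review] {key}={value}: {why}")
```

On the posted values the only key reported is `white-list=false`; offline mode, RCON, query and command blocks are all off, so none of those settings accounts for the behaviour described in the thread.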