By Aaron Waldron
On Monday evening, RC racers and event promoters noticed a problem with the RCSignup page.
It had been hacked. A single image replaced the RCSignup home page, with a song playing in the background.
Creepy, right? The logo is that often used by activist hacker group Anonymous - and Alamdar seems specifically to refer to an Arabic hacking group, though I couldn't find information on Dr. Hard specifically. It wasn't the first time the site had been targeted - the Bangaladeshi group Murkho Lyly's Facebook page still lists RCSignup among the sites it attacked back in 2014.
The problem continued for about a day, which included a different home page image.
As the RC community noticed what was going on, questions arose about the security of any personal information as well as the existing database of racing events that had been added to the site. I reached out to Bobby Phillips for an update on the situation.
Aaron Waldron: Did you have any warning that something might happen?
Bobby Phillips: No, there was no warning.
AW: Did the site's database contain any sensitive user information that may have been compromised?
BP: RCSignup DOES NOT store any credit card or payment information in the database. We are just the ‘middle-man’ for race entry payments and all payment credit card/payment information is handled through PayPal. We do not capture any of that data. We do capture name, address, phone and email during registration so that Race Directors can contact entrants or mail out T-shirts prior to the event. However, at this point there is no evidence that any of that information was compromised.
AW: When did the problem happen? What has the timeline been like since then? Were there any other problems?
BP: The issue appeared to occur Monday evening. Since then, we have been working with our hosting service to locate the security vulnerability and remove it. So far, there has been no additional trouble.
AW: Were the races presently uploaded to the site backed up?
BP: Yes, the application server and the database are backed up nightly.
AW: Why do you think RCSignup might have been targeted?
BP: The truth is that I do not why we were targeted. As the most popular RC race registration site on the internet, we get a lot of traffic. Perhaps the popularity of the site had something to do with it being targeted.
Despite the fact that we don’t capture any credit card or payment information from the racers, we take information security very seriously. We will be implementing additional features in the future to further reduce the risk of a security breach. We apologize for the site being partially down during this issue and hope that we did not cause too many problems to our users. Additionally, we would like to extend our sincere appreciation to the RCSignup users for their support.