– IRC News

All about Internet Relay Chat

Password leak at QuakeNet (updated)

“As you may have noticed, earlier today the password for every Q account was changed. This was due to a suspected leak of some encrypted passwords from the QuakeNet website, shortly beforehand, causing the passwords to be changed as a precautionary measure whilst we investigated”, magpie reports at the QuakeNet website.

The site also recommends that if you use this same password for other services, on IRC or not, to change those passwords as well.

“We would like to assure users that we are working hard to ensure this cannot happen again, and we apologise for any inconvenience caused”, magpie finishes.

Update 23 Nov: We have been able to contact Magpie now concerning this issue. There was quite some rumour that the leak was caused by the currently know phpBB exploit.

“… yes, the initial point of entry was through the forum. I’m not completely blaming phpBB here, we obviously have to take most of the blame; although it was mainly due to an unfortunate set of circumstances whereby the copy of the password hashes was in the process of being moved (intending to be left on the same box as the forums for a short period of time, alas this period of time was too long)”, Magpie replies to IRC-Junkie in a reaction.

The database in question was however not Q’s main database Magpie assured IRC-Junkie. “This is always kept physically separate, and always will be.”

“… we’re taking steps to ensure this doesn’t happen again, and that we’re deeply sorry for any inconvenience this has caused”, Magpie finishes.

QuakeNet restricts connections

Due to extensive abuse and trojan connections from several ISP’s the connections from those ISP’s have been restricted to a maximum of two connections per host.

“Any users attempting to make more than two connections to the network will receive an error message of “Too many connections from your host”, as well as having their connection refused. We apologise to any legitimate users connecting from these hosts, but the situation has become unavoidable”, magpie announced on the QuakeNet website.

ISP affected include Wannadoo in the Netherlands and France,,, and the well known Spanish

IRCJunkie contacted QuakeNet for a few questions but got no response back.