SpacePolice89

Why is Bricklink down?

Recommended Posts

Yesterday evening Bricklink was closed and it's still down today. They only display this message: "We're sorry Bricklink isn’t currently available.
Update November 4th. 3.58 am EST We continue to investigate the unusual activity. We want to make sure we take the time to investigate fully. We will be back up and running as soon as possible"

Do you have any information about what has happened? Is it a cyber attack from Russia or North Korea?

Share this post


Link to post
Share on other sites

Nothing is certain until there is an offical response. While it seems very likely that some inactive accounts got taken over, I have doubts about that post asking 50k from Lego beeing from that hackers. Obviously they trying to make money from selling not existing sets and minifigs, so actually threating to delete inventorys and such would  hurt their own scam. Looks more like someone is trying to scam some money for himself out of the situation, especially since it would be very unlikely Lego would be paying this.

Share this post


Link to post
Share on other sites
1 hour ago, Black Falcon said:

Obviously they trying to make money from selling not existing sets and minifigs, so actually threating to delete inventorys and such would  hurt their own scam

This is the thing that's confused me most about the whole situation - in what way does deleting store listings actually help any scammers? It's not like they'd get hold of the physical bricks, Bricklink could almost certainly just restore the previous listings and even if not - the only cost would be to the store owners who have to then spend the time relisting stuff. It's a threat which doesn't materially benefit the scammers in any way. Very bizarre.

Share this post


Link to post
Share on other sites
15 minutes ago, Alexandrina said:

This is the thing that's confused me most about the whole situation - in what way does deleting store listings actually help any scammers? It's not like they'd get hold of the physical bricks, Bricklink could almost certainly just restore the previous listings and even if not - the only cost would be to the store owners who have to then spend the time relisting stuff. It's a threat which doesn't materially benefit the scammers in any way. Very bizarre.

The site has to be down while he's in there to prevent a lot of frustration, so I guess he's hoping the loss in sales will drive Bricklink to just pay the ransom? With the resources TLG has, I don't think the downtime will be anything too drastic

Share this post


Link to post
Share on other sites
7 hours ago, SpacePolice89 said:

Yesterday evening Bricklink was closed and it's still down today. They only display this message: "We're sorry Bricklink isn’t currently available.
Update November 4th. 3.58 am EST We continue to investigate the unusual activity. We want to make sure we take the time to investigate fully. We will be back up and running as soon as possible"

Do you have any information about what has happened? Is it a cyber attack from Russia or North Korea?

Some of the people that paid hacked stores by bank transfer reported in the BL forum that the transfers went to European accounts.

Share this post


Link to post
Share on other sites

It surprises me just how much I rely on Bricklink for a lot of MOC planning, even when I am not buying. *huh*

Share this post


Link to post
Share on other sites
18 minutes ago, Peppermint_M said:

It surprises me just how much I rely on Bricklink for a lot of MOC planning, even when I am not buying. *huh*

Agreed. I feel like I'm in withdrawal. ...I guess they don't call it Cracklink for no reason!

Share this post


Link to post
Share on other sites

I do not expect it will be back up soon. My GUESS is 1 - 2 weeks. Keep in mind that a breach tok the entire Playstation Network offline for almost four weeks. People could not even play their offline games that they bought digitally. And that's SONY we're talking about. With that being said, Sony did not have a ransomware hack. Ransomware hacks are concerning. Smaller companies can take a couple months to be back at 100%. 

Share this post


Link to post
Share on other sites

The timing is not great. They have just now emailed October invoices for seller fees that cannot be paid. Their lack of communication is often poor but doing an invoice run now just adds to their incompetence when it comes to communication. 

Share this post


Link to post
Share on other sites
7 hours ago, Something_Awesome said:

I do not expect it will be back up soon. My GUESS is 1 - 2 weeks. Keep in mind that a breach tok the entire Playstation Network offline for almost four weeks. People could not even play their offline games that they bought digitally. And that's SONY we're talking about. With that being said, Sony did not have a ransomware hack. Ransomware hacks are concerning. Smaller companies can take a couple months to be back at 100%. 

Would not be surprised, if the whole system is broken fatally. Bricklink was a good single-person-job. But I don't know how deep is lego in this code. Maybe we get a relaunch, when lego is working on this. But maybe lego bought bricklink only for goodwell (or data/statistics), then it will be ugly. The no-info policy is no good sign.

Share this post


Link to post
Share on other sites

As a weird aside. Today have been assembling a model in Studio and a number of elements are acting squirrelly, showing as not existing in colours that I know they do in abundance and have not had a problem with using before. Elements 30031 (handlebar) and 1941 (minifig weapons holder) both come in LBG but showing as not. I have had elements refuse to connect before but never had this one. Coincidence?

Edited by monkypaws

Share this post


Link to post
Share on other sites
34 minutes ago, monkypaws said:

As a weird aside. Today have been assembling a model in Studio and a number of elements are acting squirrelly, showing as not existing in colours that I know they do in abundance and have not had a problem with using before. Elements 30031 (handlebar) and 1941 (minifig weapons holder) both come in LBG but showing as not. I have had elements refuse to connect before but never had this one. Coincidence?

Yeah, the database Studio uses for part availability relies on Bricklink, so while its down there will be problems...

Share this post


Link to post
Share on other sites

I didn't know I was this reliant on BrickLink but I'm feeling withdrawal right now. It's difficult not being able to check the part catalogue with colours, what sets pieces appear in, etc.

Share this post


Link to post
Share on other sites
Just now, Elephant Knight said:

I imagine Brickowl's business has increased in the last day.

EKnight

Yep. I'll bet they are doing really well right now...

Share this post


Link to post
Share on other sites
6 hours ago, dirkberlin said:

Would not be surprised, if the whole system is broken fatally. Bricklink was a good single-person-job. But I don't know how deep is lego in this code. Maybe we get a relaunch, when lego is working on this. But maybe lego bought bricklink only for goodwell (or data/statistics), then it will be ugly. The no-info policy is no good sign.

100% agree. I was thinking about a potential relaunch. In that case, it will be a few weeks at least.

Share this post


Link to post
Share on other sites

Yeah, I have some open orders, I guess they are already en route to me, but for now I use BrickOwl as alternative to buy my parts till Bricklink is up and running again

Share this post


Link to post
Share on other sites
7 hours ago, dirkberlin said:

Would not be surprised, if the whole system is broken fatally. Bricklink was a good single-person-job. But I don't know how deep is lego in this code. Maybe we get a relaunch, when lego is working on this. But maybe lego bought bricklink only for goodwell (or data/statistics), then it will be ugly. The no-info policy is no good sign.

From what was posted in the BL forum, it seems most of the hacked accounts that were changed were fairly dormant.  Some had recent feedback but mainly from newly set up accounts. And the scam worked by removing paypal as a payment option, then getting people into the store with too good to be true prices and getting them to pay with bank transfer. Clearly someone knew what they were doing, as some of it is bricklink specific. For example, newer seller accounts must retain paypal as a payment option, hence using older accounts. 

How they got the passwords to those accounts is the big issue here.

The ransomware type demand seems to be quite different. There didn't seem to be any sellers having stores deleted prior to the demand, in fact the opposite, with individual hacked stores having high value sets added and in at least one case high value sets parted out to make it look like usual behaviour. It wouldn't surprise me if the ransomware demand was someone being opportunistic and not necessarily connected with the other hacked accounts. If they had posted using a large and active store's account, it might have been more believable that they had control of any account. I imagine they have hacked accounts through external phishing or reused passwords rather than hacking the BL site. 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.