An apparent exploit of the forums is allowing a massive amount of spam PMs. Do not open any links on any PMs, or even PMs, if they are not from people that you know. (***EDIT: even if you know them, as if their user & password is the same, their account has probably been hijacked...) Some are porn, some have viruses and trojans!
We are working on it and hope to have it in control soon.
Thanks!
If your User name and Password are the same, CHANGE IT NOW!!!! That is the exploit...
Yep... Just sent something to Phillip about this... Also don't install those ActiveX crap things for the porntube stuff. It's not real. Besides the video is actually just an image.
penguincomrade wrote:Yep... Just sent something to Phillip about this... Also don't install those ActiveX crap things for the porntube stuff. It's not real. Besides the video is actually just an image.
Yep! I got the PM from a member that's been here since 01, so be careful everyone!
The exploit is a script that tries to log in as existing users, trying a password that equals the username. If it successfully logs in, it then proceeds to send spam PMs to other members.
Working on it at the moment. The majority of spam was coming from the same Israeli IP address that's already banned.
Philip wrote:The exploit is a script that tries to log in as existing users, trying a password that equals the username. If it successfully logs in, it then proceeds to send spam PMs to other members.
Working on it at the moment. The majority of spam was coming from the same Israeli IP address that's already banned.
Is there a vB hack that can be installed that will disallow the username and password to be of the same value?
Ken wrote:An apparent exploit of the forums is allowing a massive amount of spam PMs. Do not open any links on any PMs, or even PMs, if they are not from people that you know, even if you know them, as if their user & password is the same, their account has probably been hijacked.... Some are porn, some have viruses and trojans!
We are working on it and hope to have it in control soon.
Thanks!
Edit!!!! If your User name and Password are the same, CHANGE IT NOW!!!! That is the exploit...
That's just it. My password and username are NOT the same.
Ken wrote:Do not open any links on any PMs, or even PMs, if they are not from people that you know, even if you know them as if their user & password is the same...
YoS, Ken was simply trying to say that the spam PM could be coming from existing users, simply because they were using a weak password - the exploit targets users whose username and password are the same.
Philip wrote:YoS, Ken was simply trying to say that the spam PM could be coming from existing users, simply because they were using a weak password - the exploit targets users whose username and password are the same.
Yard is being a tool and criticizing Ken's grammar.
brembo wrote:Yard is being a tool and criticizing Ken's grammar.
It was a quick post made to hopefully keep as many members as possible from becoming a victim. It's not like I had a lot of time to think about the post as we were trying to stop the SOBs and figure out what was going on. When the specific exploit was discovered, it wasn't just PMs from people that you didn't know, they could be from any account, so that part was an after-the-fact edit... Not to mention that my PMs were coming in like flies to stink... Multitasking at its finest...
Philip or Ken, can one of you send the IP address or addresses for this exploit by PM so I can ban it at the heart forum before it starts on us too, please?
Comtrad wrote:Who is stupid enough to have their name/pw the same?
So it's not really anything on SG side, just some users being stupid and someone using a script to take advantage of it.
To answer that question...
I've identified 895 accounts (711 of which with 0 posts) in the SG user database that have their names set for their password.
It is still our problem, since those can be used to spam the forums/PMs to no end unless addressed.
In addition to those 895, there were another 600 with very weak passwords, i.e. 123, 1234, password, qwerty, etc.
All those 1500+ users are in the process of having their passwords reset, and the server is emailing them with a link to reactivate their account and choose a stronger password.
The moral of all this being, please, use common sense and strong passwords!
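The audit described in the post above, together with the registration check asked about earlier in the thread, as an added example that is not from the original posts or from vBulletin's own code. It assumes the legacy `md5(md5(password) + salt)` hash layout; the row fields, function names and sample accounts are constructed for illustration.

```python
import hashlib
import hmac

# Weak passwords named in the thread; a real audit would use a longer list.
WEAK_PASSWORDS = ("123", "1234", "password", "qwerty")

def vb_hash(password, salt):
    """Assumed legacy scheme: hex md5 of (hex md5 of password) + salt."""
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    return hashlib.md5((inner + salt).encode("utf-8")).hexdigest()

def classify(username, stored_hash, salt):
    """Return 'same-as-username', 'weak', or None for one account row."""
    for guess in (username, username.lower()):
        if hmac.compare_digest(vb_hash(guess, salt), stored_hash):
            return "same-as-username"
    for guess in WEAK_PASSWORDS:
        if hmac.compare_digest(vb_hash(guess, salt), stored_hash):
            return "weak"
    return None

def audit(rows):
    """Group usernames that need a forced password reset, by reason."""
    report = {"same-as-username": [], "weak": []}
    for row in rows:
        verdict = classify(row["username"], row["password_hash"], row["salt"])
        if verdict:
            report[verdict].append(row["username"])
    return report

def password_allowed(username, new_password):
    """Registration / password-change check: reject name == password and listed weak values."""
    candidate = new_password.strip().lower()
    return candidate != username.strip().lower() and candidate not in WEAK_PASSWORDS

def _row(username, password, salt):
    # Constructed sample row; a real audit reads these columns from the user table.
    return {"username": username, "salt": salt,
            "password_hash": vb_hash(password, salt)}

SAMPLE_ROWS = [
    _row("user_alpha", "user_alpha", "x1Q"),   # password equals username
    _row("User_Bravo", "user_bravo", "9fK"),   # equals username, different case
    _row("user_charlie", "qwerty", "Zz3"),     # on the weak list
    _row("user_delta", "T7#rmq-Lp2vw", "m0P"), # not flagged
]

if __name__ == "__main__":
    print(audit(SAMPLE_ROWS))
```

Because each hash is salted per account, the audit has to recompute the candidate hash for every row rather than compare against one precomputed value.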
9mmprincess wrote:Yeah, I got a PM with porn spam from "raromoney"....
As did I; however, I was unable to thank him as my keyboard keys got stuckified.
I was going to post a link to that thread, but the SG search results for "bullsh|t" were too numerous