don't panic: Forum hacked or attacks on accounts

by **Spirit** » Sun Aug 28, 2011 9:08 am

I was looking at spam in these forums once again and noticed several old legit accounts being used to edit their old posts and inserting spam.

Examples:

viewtopic.php?p=17641#17641
viewtopic.php?p=10186#10186
viewtopic.php?p=1650#1650
viewtopic.php?p=1208#1208
viewtopic.php?p=14709#14709
viewtopic.php?p=15822

So either these people sold their accounts to spammers (highly unlikely) or the forum/server/database-server was hacked and someone got access to login data or the accounts were hacked.

I tried contacting Willis (since he is in #qc) to ask if he used a strong password but got no reply yet.

These hacks happened a while ago so no need to panic now.

You used a unique strong password for this site anyways, didn't you? :-)

by **revelator** » Sun Aug 28, 2011 11:01 am

was starting to wonder myself.

Maybe its indeed time for a captcha atleast in the user registration allthough its probably to late for the acc's allready hacked.
i can live with a small annoyance as the beforementioned if it means
we can get rid of the bulk of these spammers.

thoughts/ideas ?

by **Spirit** » Sun Aug 28, 2011 11:24 am

There IS a captcha for registration and it has been there for years.

These are humans though.

by **revelator** » Sun Aug 28, 2011 2:13 pm

registered a long time ago maybe thats why i dont remember hmm.

ok seems at the moment we need to get a hold on the users with these acc's.

by **FrikaC** » Wed Aug 31, 2011 6:45 pm

by **ceriux** » Wed Aug 31, 2011 6:57 pm

by **Error** » Wed Aug 31, 2011 7:08 pm

by **revelator** » Wed Aug 31, 2011 7:28 pm

by **Spirit** » Wed Aug 31, 2011 7:53 pm

by **revelator** » Wed Aug 31, 2011 8:49 pm

by **leileilol** » Thu Sep 01, 2011 1:12 pm

I'm glad i'm not compromised.

by **ceriux** » Thu Sep 01, 2011 3:33 pm

don't panic: Forum hacked or attacks on accounts

don't panic: Forum hacked or attacks on accounts

Who is online