Spam-tastic!

Because we like to say things loudly.

Spam-tastic!

Postby Chrystal » Fri Jan 13, 2012 8:11 am

I'm not dead. No really, I'm not. <_<

I may... or may not have forgotten my pw. Or perhaps I was database hacked.... but let's just go with me forgetting. I managed to reset it. I have no idea how there was a spammer post and they didn't even have an account.

I need to do something about registering. I had about 500 spam emails to "approve" members, which of course is spam. T_T Sigh. So, I have to complete deactive new accounts to be resigstered until I find a solution.

IF THERE'S ANYONE FLOATING OUT THERE, who would like to join (and is not a spammer bot). Hit me an email and I'll set one up for you. Until I can fix it to do it all automatically again.

Sighhhh. Hope everyone had a grand new year/holiday.
ですですです
avatar credit:
http://vgcats.com
User avatar
Chrystal
Site Admin
Site Admin
 
Posts: 364
Joined: Fri Jul 29, 2011 2:09 am
Location: Where cows overpopulate the people

Re: Spam-tastic!

Postby Alex » Sat Jan 21, 2012 7:15 am

That's a shame you had problems logging in. I hope it wasn't anything serious.

I think what had happened with the spam poster was that it registered, posted, and then you deleted its post. I could be wrong, but I do remember seeing the post still floating around the forum after you deleted the actual user. So maybe it was just overlooked?
I think I "reported" the post via the report button, so I don't know if you got it in your ACP somewhere or not. I figured it was better than PM'ing you about it and wasting space/time replying there. *shrug*

I'm honestly baffled at why phpBB has so many problems with spammers and botters. I would assume being a big type of forum script option, that they'd have a structured method of dealing with botters and spammers. I'm guessing you can't find a decent mod on their official site/boards about it though? I would've assumed they would have a few options. Unless they're the mods you may already have that don't seem to work. >_>;

Honestly, I don't see a problem with admin approvals for accounts (having it off completely). It is a bit more annoying, but at least it stops botters and spammers from registering. If people find their way here and really want to post, I think they'll find and contact you somehow. Maybe just make an apparent note on your site about it? *shrug*
"Always be yourself, because the people that matter don't mind; and the people that mind don't matter."
User avatar
Alex
 
Posts: 281
Joined: Thu Aug 04, 2011 12:28 pm
Location: The land of humidity and Hollister attire

Here's Lookin' Out

Postby Alex » Mon Jan 23, 2012 11:18 pm

Sorry for double-posting, but I figured this was something worth sharing that I found:
On January 21, 2012: Simon Anderson - CEO, DreamHost wrote:In the DreamHost spirit of transparency and openness, I’m providing this update on our blog on the security issue yesterday. It’s necessarily pretty dry and factual, unlike most DreamHost posts, but that’s important to communicate as much detail as possible while not disclosing the inner workings of our security defenses. The bad news is that we detected access to one of our databases and took rapid action to protect customer accounts and passwords. The good news is that it does not appear that any significant malicious activity has occurred on any customer accounts as a result of the illegal access.

Early yesterday, one of DreamHost’s database servers was illegally accessed using an exploit that was not previously known or prevented by our layered security systems in place. Our intrusion detection systems alerted our Security team to the potential hack, and we rapidly identified the means of illegal access and blocked it.

Our first priority in this situation is to protect the safety and security of our customers’ websites and information. A quick review of the data potentially accessed indicated that some customers’ FTP and shell access passwords may have been compromised. So we decided to err on the side of caution and immediately initiate a forced reset of all customers’ FTP and shell access passwords, with the aim of preventing any illegal activity on customer websites. All FTP and shell access passwords were reset, and customer notifications were inserted in the web panel and on http://www.dreamhoststatus.com asking customers to specify new passwords once they’d logged in.

DreamHost has three types of user passwords – a web panel password, FTP/shell access passwords, and email passwords. Web panel passwords and email passwords were not accessed or affected. However we recommended in an update email to customers and their email users late yesterday that they reset their email passwords as well, as a precaution. It’s important to note that NO CUSTOMER BILLING INFORMATION OR OTHER PERSONAL INFORMATION WAS ACCESSED.

Our Security and Software teams have been investigating if any customer sites, apps or blogs have been affected as a result of the intrusion. As yet we have not identified any major issues – potentially as a result of the swift action to force a password reset. We’ll continue to monitor all systems and investigate and assist with any issues if they come up. We’ll all be working hard over the coming days to minimize any impact on customers beyond the password reset.

DreamHost uses a sophisticated suite of security software and constant monitoring that typically prevents any type of illegal access to our systems. In this case, our systems were not able to prevent the unauthorized access, however our intrusion detection system did allow us to respond immediately and minimize customer impact. We’ve already implemented changes to prevent any similar attempted hacks, and we’re performing a rigorous security review including a detailed review of customer input on potential vulnerabilities. Defending against cyber attacks is unfortunately an everyday part of business for Internet companies, so we’re constantly evolving our security measures to prevent them.

Thanks to all our customers for your patience, support and understanding. We acted swiftly to minimize the risks of the intrusion, and we know that changing passwords has caused you inconvenience. Customers who have ongoing concerns can contact our support team through the web panel. And I’ll be posting another update here if further information that can be shared publicly.

Simon Anderson
CEO, DreamHost

Reason I posted this was because I too, was having issues logging into my domain via FTP Client, and it denied me access. So I told my hostess about it, and sure enough, she told me DreamHost was having issues. I knew you had DreamHost as well, so I thought I'd share this info with you.
This is a more recent hack attempt though, so I'm not sure if it has anything to do with your previous one on the 13th or earlier. I just thought I'd post it here in case you didn't know what was happening recently.

I would definitely make sure your actual FTP access (or web access if that's what you use) is able to be accessed by you. If you haven't reset your passwords, I'd do that too.
Also, if you have any SQL passwords that are different, they were not compromised. They should be changed though if they are the same as your other passwords, however.

I also found these great links that may shed some more light:
"Always be yourself, because the people that matter don't mind; and the people that mind don't matter."
User avatar
Alex
 
Posts: 281
Joined: Thu Aug 04, 2011 12:28 pm
Location: The land of humidity and Hollister attire


Return to Announcements

Who is online

Users browsing this forum: No registered users and 1 guest

cron