Announcement

Collapse
No announcement yet.

Is someone so bored they're trying to hack this place?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Auryndenek
    replied
    Thanks Doug for taking care of this! Hopefully it'll stop now.

    I wonder what these goofballs are after. Like, what would they do once they got into an account? Spam until it gets banned?

    Leave a comment:


  • Jan
    replied
    Thanks, DougO! If only they would use their powers for good...

    Jan

    Leave a comment:


  • DougO
    replied
    Greetings,

    I've done some research on this issue and it appears that this sort of brute force password attack happens every few months to forums on the Internet.

    The http://www.vbulletin.com/forum site (support forum for vBulletin) has actually experienced the same attack this week from Russian IP addresses.

    The way these attacks work is the attacker has an ordered list of the most common passwords along with a script that attempts to logon. The script works it way through the list, however because the forums lock the account for 15 minutes after 5 failed attempts, the going is very slow. Unless your password is extremely common (e.g., "password", "123456", etc.) it could take months or years to guess your password that way. You'd also receive a constant stream of lock out emails (one every 15 minutes).

    As a precaution, I have block IP addresses that begin with "188.143.242", "188.143.243", "188.143.244", and ""188.143.245". That is 1024 IP addresses total and represent the ranges that have been reported so far.

    Hopefully the attackers will move on soon to a different target.

    -DougO

    Leave a comment:


  • Auryndenek
    replied
    Wow, this really is creepy. I haven't had any more attempts on my account as of the time I posted this, but that could change. I'm glad this site sends emails when somebody tries to bust in! I never would've known otherwise.

    Leave a comment:


  • becket
    replied
    I got the same thing. Same IP address too.

    Leave a comment:


  • DeMonk
    replied
    Same here. Russian IP address too.

    Leave a comment:


  • Jan
    replied
    Thanks for the information, folks. DougO is monitoring this but it seems to be spammers trying to get access. It's an ongoing deluge with over 1K per week registering and attempting other things.

    For those we haven't seen for a while, Hi! Glad to see you again.

    Jan

    Leave a comment:


  • colleen
    replied
    Someone also tried to hack my account.

    Leave a comment:


  • Ubik
    replied
    I've just changed my password to something more robust. It may be worth others changing theirs to a strong password containing both numbers, letters and symbols (if not already the case).

    Also, this is common sense... but make sure your password is not the same as any associated with your key accounts, i.e. PayPal, eBay, webmail, etc.

    Leave a comment:


  • Dan Dassow
    replied
    I just received the notification.

    The person trying to log into your account had the following IP address: 188.143.234.14

    Leave a comment:


  • batkinson001
    replied
    Originally posted by Auryndenek View Post
    I got an email notification saying someone tried to get into my account five times before the forum locked them out. I changed my password and took it another step to change all my passwords everywhere.

    The IP that made the attempt is 188.143.232.144

    Here is a whois on it http://whatismyipaddress.com/ip/188.143.232.144 and the commentary suggests this IP has been messing around all over the web.

    I suspect it's a proxy, but who knows?
    I am getting the same issue, I have changed my password, if I could change my username... I would... i looked up the IP from the emails I have received and it's from St. Petersburg Russia...

    https://ipdb.at/ip/188.143.235.81

    Leave a comment:


  • Boo Gee
    replied
    I got one of those messages today as well. Thanks for staying on top of this.

    Leave a comment:


  • beerguy101
    replied
    Same here.

    Leave a comment:


  • babylonlurker
    replied
    I got one, too, from memory the sam IP address as above.
    Let's see how long this continues (hopefully not that long).

    IIRC it has happened before, a while ago.

    Leave a comment:


  • Babel-17
    replied
    I got the e-mail as well.

    IP address: 188.143.235.81

    Same profile of being suspect and from the same area.

    Leave a comment:

Working...
X