vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Spammers/Hackers attempting to hack our user's accounts (https://vborg.vbsupport.ru/showthread.php?t=209487)

Infinite Guitar 03-26-2009 08:54 AM
Spammers/Hackers attempting to hack our user's accounts
 
1 Attachment(s)
Hey folks,

We're having some spammer/hacker problems.

Please see attached image. It shows our "Who's Online" log. Within a span of a couple minutes there are multiple login attempts from multiple IP addresses all over the world. All of them attempt to login to random user accounts.

We've been getting many emails from our members saying that they've been receiving the email that says "Your account has been locked for 15 minutes because someone tried to enter with wrong password, etc."

This is extremely annoying for our members. We don't want our members getting these emails all the time just because spammers are trying to access their accounts.

It seems obvious that whoever is attacking is using proxy servers hence the many random IP addresses. Do any of you have advice for this type of problem? We can block these IP addresses all day but it probably won't do much since they're using proxy.

Any advice or help would be much appreciated. Thanks.

nexialys 03-26-2009 10:27 AM
hum, funny, a new bot which is reading your memberslist and then try to lock your forum with this technique...

deactivate your memberslist, you will have no more problems...for now!

--------------- Added [DATE]1238066926[/DATE] at [TIME]1238066926[/TIME] ---------------

AdminCP >> vBulletin Options >> User Listing Options >> Members List Enabled

Infinite Guitar 03-26-2009 05:52 PM
Thanks for the reply nexialys. Yeah we actually removed the memberlist.php page a while ago, so I'm not sure how they're getting all the usernames.

We just disabled the Who's Online > Active Members list at the bottom of the forum to all logged out guests, so hopefully that might help. But I'd imagine this bot or spammers might simply be going through the forum threads getting usernames too.

Has this type of spammer activity happened with any of you guys? If it keeps up we might have to disable the email that's sent out to users when their account is locked for 15 minutes. I'd hate to do it but we can't tolerate our members getting those notification emails non-stop due to the bots.


All times are GMT. The time now is 06:16 AM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.00973 seconds
  • Memory Usage 1,710KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (3)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete