Go Back   vb.org Archive > Community Central > Community Lounge
Reload this Page Odd Type Of Forum Hack
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 03-24-2009, 11:20 PM
Trip's Avatar
Trip Trip is offline
 
Join Date: Mar 2008
Location: Eastern Canada
Posts: 199
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Odd Type Of Forum Hack
It's been an easy week on my forum, a member and personal friend of mine decides he wants to sell his motorcycle to upgrade, so a thread is created. People respond and comment, a day later he announces that the bike has sold. Within this week the same member creates and responds to threads, we chat back and forth a bit via PM. Business as usual. I find out tonight that he has been out of town for a week, and asks "why is my bike for sale?" Not only my forum, but four other forums of the same niche have the same type of posts. What's even more bizzare is this person posing as this member sent myself and three of his friends a personal email saying that the person he sold his bike to, cheque didn't clear so I had to go and get the bike back, etc, etc. Now he did admit to having the same password across all the boards, but what would appeal to somebody to take the time and cause this kind of trouble? On top of all that, I noticed a new member has joined the site tonight...with the original member's email address. It's very odd and I'm not sure what to tell him, to me this isn't a site security issue, it's more of a password security issue. Frankly, I am bothered by the whole situation and I would like to know the root cause. Anybody have a similar experience??
Reply With Quote
  #2  
Old 03-24-2009, 11:30 PM
nexialys
Guest
  
Posts: n/a
Default
seems like someone try to avoid a bike sale... it's easy to say "it was not me, my account was tricked, blah blah..."
Reply With Quote
  #3  
Old 03-24-2009, 11:58 PM
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Location: California/Idaho
Posts: 41,180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Did you check the IPs of the posts?
Reply With Quote
  #4  
Old 03-25-2009, 04:27 AM
students_forum's Avatar
students_forum students_forum is offline
 
Join Date: Aug 2008
Location: Manchester
Posts: 147
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
That is rather alarming!
That person must have been stalking the 'victim' online for ages to guess the password, know his email and bike details!!
Reply With Quote
  #5  
Old 03-25-2009, 07:27 AM
Trip's Avatar
Trip Trip is offline
 
Join Date: Mar 2008
Location: Eastern Canada
Posts: 199
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Lynne View Post
Did you check the IPs of the posts?
Yes I did, and the IP doesn't match his regular IP. Strange thing, we now have a new user with the same mystery IP and used his email to register. Very odd
Reply With Quote
  #6  
Old 03-25-2009, 11:10 AM
kevcj's Avatar
kevcj kevcj is offline
 
Join Date: Mar 2007
Location: East Texas
Posts: 334
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Trip View Post
I noticed a new member has joined the site tonight...with the original member's email address.
Your not supposed to allow members to reuse an email address.

Someone could have gotten your friends email password - this could have been done through a keyword logger. Or he checked his email from an infected computer.

It does not sound like a "hack" at all, but more of a combination of low security settings on your forum and your friends computer.
Reply With Quote
  #7  
Old 03-25-2009, 03:46 PM
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
Location: Netherlands
Posts: 3,537
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
I assume this is an hotmail address?
Reply With Quote
  #8  
Old 03-27-2009, 01:10 PM
Trip's Avatar
Trip Trip is offline
 
Join Date: Mar 2008
Location: Eastern Canada
Posts: 199
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by kevcj View Post
Your not supposed to allow members to reuse an email address.

Someone could have gotten your friends email password - this could have been done through a keyword logger. Or he checked his email from an infected computer.

It does not sound like a "hack" at all, but more of a combination of low security settings on your forum and your friends computer.
Yeah, I've since set the radio button over to not allow same email addys

Quote:
Originally Posted by Alfa1 View Post
I assume this is an hotmail address?
Same, it's a gmail
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 09:00 AM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04952 seconds
  • Memory Usage 2,228KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (7)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete