People are trying to brute force my account

[Amaury]

Quote:

Originally Posted by CaseLogic

First off, I disagree. They can start banning IP ranges so this doesn't keep happening slowly to their entire userbase.

Secondly, even if they don't take any action to prevent it, it couldn't hurt to send users emails to inform them that apparently botnets are trying to brute force their way into people's accounts, and to take the proper measures (ensure passwords are secured, etc).

They do send out e-mails.

Quote:

Account on vBulletin.org Forum locked out

Dear Amaury25,

Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 218.17.157.20

Don't forget that the password is case sensitive. Forgotten your password? Use the link below:
https://vborg.vbsupport.ru/login.php?do=lostpw

All the best,
vBulletin.org Forum

[BigAl205]

Quote:

Originally Posted by CaseLogic

First off, I disagree. They can start banning IP ranges so this doesn't keep happening slowly to their entire userbase.

Secondly, even if they don't take any action to prevent it, it couldn't hurt to send users emails to inform them that apparently botnets are trying to brute force their way into people's accounts, and to take the proper measures (ensure passwords are secured, etc).

You can't be too broad with your restrictions unless your board has a specific target. For companies working with a global market such as VB, it's bad business to block too many ranges. I'm sure even China has legitimate customers using VB who would be blocked if a large enough range was used.

[Carpesimia]

Hacking is at a big-time high. Twitter just got hacked. If your site is big enough, expect to someone to try and hack you.

vBulletin is working great knocking away the brute force attempts and sending emails to alert users someone is trying to log in as them. I got like 50 emails tonight, and decided to come in and update my already decent password to an even better one. Thats what the emails are for, in my opinion.

And VB not caring? If they didnt care, they wouldnt have built it into the system. People try to hack, they fail, and then they go away. If VB staff made a big deal about it each time, it would only encourage the people to try harder.

My $.02, anyways.

[Big Al]

Quote:

Dear Big Al,

Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 41.67.2.2

Don't forget that the password is case sensitive. Forgotten your password? Use the link below:
https://vborg.vbsupport.ru/login.php?do=lostpw

All the best,
vBulletin.org Forum

IP= 41.67.2.2 Proxy from Khartoum.

There is no doubt that spamming is getting worse and newer advanced programs are being used to counteract anti-spam measures we take. The providers need to become pro active, not brush the problem aside.
VB does send out an email, thanks, but action needs to be initiated to counteract the advances the spammer are putting in place.

Quote:

If you checked "Remember Me?" whenever you last logged in and just close your browser when you're done browsing instead of logging out, then these brute force attacks won't affect you.

A valid point, but I think it will only work if you allow cookies to be stored.
Many people delete cookies when they log off.

--------------- Added [DATE]1359858815[/DATE] at [TIME]1359858815[/TIME] ---------------

Quote:

99% of SPAM comes from China. I have no reason for anyone in China to view any content on my servers, so I block all Chinese IP space at the firewall level.

Exact figures are hard to come by. But it does appear that most spam comes from the USA.

Currently there is a lot from USA, China and Ukraine etc.

China is sensitive to international pressure and their reputation.

They have made large strides recently to curb scammers and other fraud. Closing down large numbers of bad sites etc . This is to their credit and is welcome.

However most governments are reluctant to curb any income producing method and the income from Chinese business who use spam is very large.

Until recently, a lot of the traffic was curtailed and quite a few businesses used ISP's in Hong Kong and Switzerland to bypass restrictions in mainland china. I think this is now not so common.

[chiapeterson]

I've received 40 messages in the last 5 minutes about my account being locked because someone has entered the password wrong 5 times. Each message has a different IP address. PLEASE close\delete this account. I've not used VBulletin in over 4 years. Thank you!

[Amaury]

As far as I know, they don't delete accounts here.

[chrisngrod]

Just wanted to chime in that they are trying to brute force mine as well.

[Chevy II]

I also received 47 of these email. The reports were from many different IP addresses too. Romania, China, Brazil and India to name a few...

What is up with this?

--------------- Added [DATE]1359863784[/DATE] at [TIME]1359863784[/TIME] ---------------

BTW, this was an attempt from someone trying to log into my account 5 times with the wrong PW... Not an account deletion.

Here is an example of 1 of the 47 email I received.

Quote:

Dear Chevy II,

Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 103.7.64.51

Don't forget that the password is case sensitive. Forgotten your password? Use the link below:
https://vborg.vbsupport.ru/login.php?do=lostpw

All the best,
vBulletin.org Forum

[Amaury]

Quote:

Originally Posted by Chevy II

I also received 47 of these email. The reports were from many different IP addresses too. Romania, China, Brazil and India to name a few...

What is up with this?

--------------- Added [DATE]1359863784[/DATE] at [TIME]1359863784[/TIME] ---------------

BTW, this was an attempt from someone trying to log into my account 5 times with the wrong PW... Not an account deletion.

Here is an example of 1 of the 47 email I received.

Nothing to worry about if you have a strong password. Just spam accounts trying to get in.

[Digital Jedi]

Quote:

Originally Posted by CaseLogic

Damn, this is happening to me now. I came to create a thread but apparently some botnet is having a field day on these forums.

And clearly VB staff doesn't care much about these attempts given no one has officially commented in the past few days?

Quote:

Originally Posted by Amaury25

The staff has no control over it.

Um, Paul commented on it today. The software is working like it's supposed to. This thread is bewildering. The software is doing what it's supposed to. Locking them out, and informing you of attempts. But this is, for some reason, considered out of control? So far no one has answered my question. What more do you want it to do?