Go Back   vb.org Archive > Community Central > vBulletin.org Site Feedback
FAQ Community Calendar Today's Posts Search

Closed Thread
 
Thread Tools Display Modes
  #1  
Old 04-18-2016, 06:44 AM
Master-Guy Master-Guy is offline
 
Join Date: Oct 2007
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Misc/Other - Account hijack attempt on your site

Dear administrators,

Please note that there is a hijack bot attacking your website.
It originates from the IP address 114.111.167.229, which is a known source of trouble.
Would you please be so kind to permanently block this IP from your website, and prevent it from attempting to brute-force accounts? Your 15 minute block seems to have slowed it down for now.

With kind regards,
"Master-Guy" Marcel
  #2  
Old 04-18-2016, 07:15 AM
harleyknd1 harleyknd1 is offline
 
Join Date: Dec 2013
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I can confirm this, it uses proxy IP's to bypass the timers, last attack attempt on my account came from: 101.254.188.198

I suggest all users to change their passwords to a md5 string which should make brute force impossible
  #3  
Old 04-18-2016, 07:15 AM
NovoCiv NovoCiv is offline
 
Join Date: Aug 2010
Posts: 80
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

There is also a bot attacking from 202.100.167.169

This IP comes up in a lot of spam reports so it's also safe to block.
  #4  
Old 04-18-2016, 09:27 AM
sanoja sanoja is offline
 
Join Date: Nov 2010
Posts: 1
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Also known attack IP coming from 120.55.167.192
  #5  
Old 04-18-2016, 09:28 AM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

This happens every few months nothing to worry about
  #6  
Old 04-18-2016, 10:49 AM
Duke49th Duke49th is offline
 
Join Date: Sep 2014
Posts: 24
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Same here guys:

Quote:
Dear Duke49th,

Someone has tried to log into your account on vBulletin.org Forum with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address: 87.229.235.202

All the best,
vBulletin.org Forum
The only thing making me worry a bit is that he tried vbulletin.org - I used the same email adress on linuxmint forums which was hacked two times a couple of weeks ago. (but I use different random passwords now everywhere since that day)

Someone else was registered there with the email he used here? Is it really happening randomly here in this forum?

@ForceHSS: I have a stalker thats why I am a bit nervous also^^
  #7  
Old 04-18-2016, 11:28 AM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Duke49th View Post
Same here guys:



The only thing making me worry a bit is that he tried vbulletin.org - I used the same email adress on linuxmint forums which was hacked two times a couple of weeks ago. (but I use different random passwords now everywhere since that day)

Someone else was registered there with the email he used here? Is it really happening randomly here in this forum?

@ForceHSS: I have a stalker thats why I am a bit nervous also^^
If you have a strong password you don't need to worry and on your email make sure you have the two step security put in place it will stop them getting into your email system
  #8  
Old 04-18-2016, 08:01 PM
TheLastSuperman's Avatar
TheLastSuperman TheLastSuperman is offline
Senior Member
 
Join Date: Sep 2008
Location: North Carolina
Posts: 5,844
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Duke49th View Post
Same here guys:



The only thing making me worry a bit is that he tried vbulletin.org - I used the same email adress on linuxmint forums which was hacked two times a couple of weeks ago. (but I use different random passwords now everywhere since that day)

Someone else was registered there with the email he used here? Is it really happening randomly here in this forum?

@ForceHSS: I have a stalker thats why I am a bit nervous also^^
Great! Always do this for every site! Problems remembering passwords? Don't have your browser do it (virus on pc and all passwords now known ) instead purchase a black ledger book or similar from local store, write down all passwords in there - a different one for each site .

Yes it happens here and on other forums randomly, they do this because quite a few people still use the password... "password" which is silly at best! Using your birthday if Dec 20th for example 1220 as a password is also silly. The moral of the story is... you guessed it - Don't be silly! (lol). 18+ character/digit passwords using upper+lower case letters numbers and symbols, if you can go more than 18 characters then by all means do so.

Quote:
Originally Posted by ForceHSS View Post
If you have a strong password you don't need to worry and on your email make sure you have the two step security put in place it will stop them getting into your email system
^^ Force is a regular member on here, his advice on this is solid. Closing thread like the countless others i.e. this has been posted before but no one ever uses the search they just post to cause mass panic J/K J/K . I'll bug Paul about having the email being sent changed so there is some form of info/disclaimer regarding why you shouldn't post and so you know it happens every now and then no promises but I will follow up to see about it.

DO NOT USE THE SAME PASSWORD FOR EVERY SITE!
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:51 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05578 seconds
  • Memory Usage 2,236KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete