don't panic: Forum hacked or attacks on accounts

Postby Spirit » Sun Aug 28, 2011 9:08 am

I was looking at spam in these forums once again and noticed several old legit accounts being used to edit their old posts and insert spam.

Examples:

viewtopic.php?p=17641#17641
viewtopic.php?p=10186#10186
viewtopic.php?p=1650#1650
viewtopic.php?p=1208#1208
viewtopic.php?p=14709#14709
viewtopic.php?p=15822

So either these people sold their accounts to spammers (highly unlikely) or the forum/server/database-server was hacked and someone got access to login data or the accounts were hacked.

I tried contacting Willis (since he is in #qc) to ask if he used a strong password but got no reply yet.

These hacks happened a while ago so no need to panic now.

You used a unique strong password for this site anyways, didn't you? :-)
Improve Quaddicted, send me a pull request: https://github.com/SpiritQuaddicted/Quaddicted-reviews
Spirit
 
Posts: 1031
Joined: Sat Nov 20, 2004 9:00 pm
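
A way to look for the pattern described in the post above (old posts edited long after they were written and now carrying links), as an added example that is not part of the thread or the forum's own code. The `posts` table, its column names and the sample rows are constructed for illustration and are not phpBB's schema.

```python
import re
import sqlite3

DAY = 86400
# A link in plain form or as a BBCode [url] tag.
URL_RE = re.compile(r"https?://|\[url", re.IGNORECASE)

# Constructed sample rows: (post_id, poster, post_time, edit_time, text).
# Times are Unix timestamps; edit_time 0 means the post was never edited.
SAMPLE_POSTS = [
    (101, "alice", 1100000000, 0, "QuakeC entity fields explained"),
    (102, "bob", 1100500000, 1100500900, "fixed a typo in my code"),
    (103, "carol", 1101000000, 1300000000, "nice map [url=http://pills.example]buy[/url]"),
    (104, "carol", 1102000000, 1300000500, "thanks! http://pills.example/cheap"),
    (105, "dave", 1150000000, 1290000000, "updated download mirror, old one died"),
]

def load_sample():
    """Build an in-memory database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (post_id INTEGER PRIMARY KEY, poster TEXT,"
                 " post_time INTEGER, edit_time INTEGER, text TEXT)")
    conn.executemany("INSERT INTO posts VALUES (?, ?, ?, ?, ?)", SAMPLE_POSTS)
    return conn

def find_suspicious_edits(conn, min_gap_days=365):
    """Return {poster: [post_id, ...]} for posts that were edited at least
    min_gap_days after posting and whose current text contains a link."""
    rows = conn.execute(
        "SELECT post_id, poster, text FROM posts "
        "WHERE edit_time > 0 AND edit_time - post_time >= ? "
        "ORDER BY post_id",
        (min_gap_days * DAY,),
    ).fetchall()
    hits = {}
    for post_id, poster, text in rows:
        if URL_RE.search(text):  # late edits without links are left alone
            hits.setdefault(poster, []).append(post_id)
    return hits

if __name__ == "__main__":
    for poster, ids in find_suspicious_edits(load_sample()).items():
        print(f"{poster}: review posts {ids}")
```

Accounts that show up with several hits are candidates for a forced password change and a manual look at their edit history.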

Postby revelator » Sun Aug 28, 2011 11:01 am

was starting to wonder myself.

Maybe it's indeed time for a captcha at least in the user registration, although it's probably too late for the accs already hacked.
i can live with a small annoyance like the aforementioned if it means we can get rid of the bulk of these spammers.

thoughts/ideas ?
revelator
 
Posts: 2567
Joined: Thu Jan 24, 2008 12:04 pm
Location: inside tha debugger

Postby Spirit » Sun Aug 28, 2011 11:24 am

There IS a captcha for registration and it has been there for years.

These are humans though.
Improve Quaddicted, send me a pull request: https://github.com/SpiritQuaddicted/Quaddicted-reviews
Spirit
 
Posts: 1031
Joined: Sat Nov 20, 2004 9:00 pm

Postby revelator » Sun Aug 28, 2011 2:13 pm

registered a long time ago, maybe that's why i don't remember hmm.

ok seems at the moment we need to get a hold on the users with these accs.
Productivity is a state of mind.
revelator
 
Posts: 2567
Joined: Thu Jan 24, 2008 12:04 pm
Location: inside tha debugger

Postby FrikaC » Wed Aug 31, 2011 6:45 pm

Oh wow. There was the potential for a security breach when Telefragged upgraded the server a few years ago. Authentication was broken and someone could have got access to a list of usernames and crypt() hashes for your passwords - It might explain some of this. I didn't think anyone got through though. It could also be a hack to this particular version of phpBB. I will get to the upgrade soon, though now that I think some users may have been compromised, might want to start fresh.
FrikaC
Site Admin
 
Posts: 1026
Joined: Fri Oct 08, 2004 11:19 pm

Postby ceriux » Wed Aug 31, 2011 6:57 pm

start fresh? new accounts, posts wiped? what about all of the useful information all over the forums?

unless that's not what you mean by start fresh?
ceriux
 
Posts: 2223
Joined: Sat Sep 06, 2008 3:30 pm
Location: Indiana, USA

Postby Error » Wed Aug 31, 2011 7:08 pm

Starting "fresh" would mean someone might want to archive useful posts, or all if you're crazy.
Error
InsideQC Staff
 
Posts: 865
Joined: Fri Nov 05, 2004 5:15 am
Location: VA, USA

Postby revelator » Wed Aug 31, 2011 7:28 pm

well i changed my password as a precaution although as far as i can see i'm unaffected atm.

Good advice for passwords is using numbers + letters preferably with case changes (makes them somewhat harder to crack) but also a bit harder to remember, so keep your logins on a paper and far away from anything with network access.

Unless the hacked accounts have had their passwords changed this might be enough, else the affected users might have to register anew and PM the board admin that their previous acc has been compromised.
Productivity is a state of mind.
revelator
 
Posts: 2567
Joined: Thu Jan 24, 2008 12:04 pm
Location: inside tha debugger

Postby Spirit » Wed Aug 31, 2011 7:53 pm

If the server is clean one could simply fiddle with all password hashes so no one could login anymore but would have to create a new password. Dunno how phpBB2 handles this but newer forums surely do reset passwords instead of mailing the user his current one. :-)
Improve Quaddicted, send me a pull request: https://github.com/SpiritQuaddicted/Quaddicted-reviews
Spirit
 
Posts: 1031
Joined: Sat Nov 20, 2004 9:00 pm
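
A sketch of the forced reset suggested in the post above, as an added example that is not part of the thread and not phpBB code. The `users` table, its columns, the `LOCKED` marker, the one-week token lifetime and the sample accounts are all assumptions made for illustration.

```python
import hashlib
import secrets
import sqlite3
import time

LOCKED = "!locked"      # hypothetical marker: not hex, so no hash can equal it
TOKEN_TTL = 7 * 86400   # assumed policy: reset links are valid for one week

# Constructed sample accounts: (user_id, email, password_hash).
SAMPLE_USERS = [
    (1, "alice@forum.example", "constructed-old-hash-1"),
    (2, "bob@forum.example", "constructed-old-hash-2"),
]

def open_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (user_id INTEGER PRIMARY KEY, email TEXT,"
                 " password_hash TEXT, reset_hash TEXT, reset_expires INTEGER)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, NULL, NULL)", SAMPLE_USERS)
    return conn

def force_reset_all(conn, now=None):
    """Lock every account and return {email: one-time token} to mail out.
    Only the SHA-256 of each token is stored, so a copy of the database
    does not contain usable reset links."""
    now = int(time.time()) if now is None else now
    outbox = {}
    with conn:  # one transaction: every account is locked or none is
        for user_id, email in conn.execute("SELECT user_id, email FROM users").fetchall():
            token = secrets.token_urlsafe(32)
            digest = hashlib.sha256(token.encode()).hexdigest()
            conn.execute("UPDATE users SET password_hash = ?, reset_hash = ?,"
                         " reset_expires = ? WHERE user_id = ?",
                         (LOCKED, digest, now + TOKEN_TTL, user_id))
            outbox[email] = token
    return outbox

def redeem(conn, token, new_password_hash, now=None):
    """Accept an unexpired token once, store the new hash, clear the token."""
    now = int(time.time()) if now is None else now
    digest = hashlib.sha256(token.encode()).hexdigest()
    with conn:
        cur = conn.execute("UPDATE users SET password_hash = ?, reset_hash = NULL,"
                           " reset_expires = NULL WHERE reset_hash = ? AND reset_expires > ?",
                           (new_password_hash, digest, now))
    return cur.rowcount == 1
```

Stored login sessions need to be cleared in the same maintenance window, otherwise anyone already logged in with a stolen password stays logged in.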

Postby revelator » Wed Aug 31, 2011 8:49 pm

If upgrading the forum software this might be of help.

http://www.phpbb.com/community/viewtopi ... &sk=t&sd=a

describes how to upgrade from phpbb2 to phpbb3.

If you need a backup place i got plenty space on my PC, feel free to email me. I will keep the drive disconnected until needed so as to avoid anyone messing with the content.
Productivity is a state of mind.
revelator
 
Posts: 2567
Joined: Thu Jan 24, 2008 12:04 pm
Location: inside tha debugger

Postby leileilol » Thu Sep 01, 2011 1:12 pm

I'm glad i'm not compromised.
i should not be here
leileilol
 
Posts: 2783
Joined: Fri Oct 15, 2004 3:23 am

Postby ceriux » Thu Sep 01, 2011 3:33 pm

leileilol wrote: I'm glad i'm not compromised.

:lol: nice.. me either. If we do start fresh, i may change my user name.
ceriux
 
Posts: 2223
Joined: Sat Sep 06, 2008 3:30 pm
Location: Indiana, USA
