|
jj
jjjjjjjjjj
|
Re: Somebody's trying to hack ITT
i got the same mail
|
Re: Somebody's trying to hack ITT
I got the same email too
|
Re: Somebody's trying to hack ITT
I got an "Hello, I'm new here and just wanted to say "hi" " pm.
|
Re: Somebody's trying to hack ITT
Quote:
|
Re: Somebody's trying to hack ITT
Yeah I got the Hi PM as well with a load of SPAM.
|
Re: Somebody's trying to hack ITT
I'm at work at the moment so I'm not going to bust out and check out the ip like I would if I was at home, but I just wanted to add my two cents. If this IP has been used to attack other accounts and other sites, and yet for some reason is running an ftp server and a server of some sort on port 80, the computer at that ip has probably been hacked itself and is being used to remotely attack sites.
|
Re: Somebody's trying to hack ITT
Quote:
|
Re: Somebody's trying to hack ITT
me too. the PM. 2 emails. same IP.
|
Re: Somebody's trying to hack ITT
Quote:
|
Re: Somebody's trying to hack ITT
yet another.
what would this guy gain from having my lame forum account? |
Re: Somebody's trying to hack ITT
This site isn't exactly known for the most proactive administration. The ip needs to get banned immediately and reported to the ISP. Reverse DNS reveals it to be a static ip provided by a hosting company called "The Planet" in Texas. It is likely a compromised rented server, but equally possible it could be a rented server which some script kitty is using for hacking purposes. I sure hope they didn't rent that server on daddy's credit card, cause if they did, they are in for a world of hurt.
|
Re: Somebody's trying to hack ITT
I got the same ******** email also..."Hi i am new here blah blah blah..."
I thought it was a joke, because of a thread i started that was being attack on the basis that it was thought to be spam. but i guess not. |
Re: Somebody's trying to hack ITT
i happen to be a member at forums.remote-exploit.org and both sites gave me that email. seems like there is something more than meets the eye going on here.
|
Re: Somebody's trying to hack ITT
I'm starting to think this might be a fully automated attack, this box might just be trying to brute force forums in general, not for the forum accounts but for the passwords. Logic possibly being that people have a tendency to use the same username and password across multiple websites, and the person behind this is probably hoping that your PayPal account is the same thing as your ITT account. So. Make sure it isn't.
|
Re: Somebody's trying to hack ITT
Sounds like 2 things going on here...
1. Brute force attack. Likely rotating usernames with the passwords in an attempt to keep from getting locked out, but obviously running into dupes too quickly (causing the temporary lockouts). 2. Social engineering(?) The guy I got the same lame private message from called himself "einstein2". I'm not sure if there might be something embedded in the message (I didn't bother reading through the HTML), but it did include a link to http://stein.freehostia.com (which is blocked by our proxy). I would not recommend following the link, as it may host malware. |
Re: Somebody's trying to hack ITT
I'm investigating the problem and have just blocked the IP from the firewall.
Thanks. |
Re: Somebody's trying to hack ITT
same, i got an email from einstein2
Quote:
|
Re: Somebody's trying to hack ITT
Quote:
Looking a bit further at the link at the end of the message: 'Site stein.freehostia.com blocked; this is a known spyware/adware website.' So don't visit. |
Re: Somebody's trying to hack ITT
I just got this private message from "einstein2", too. Let's see how soon my account is locked...
|
Re: Somebody's trying to hack ITT
I got the message this morning.
|
Re: Somebody's trying to hack ITT
I reported this activity to abuse@theplanet.com yesterday.
|
Re: Somebody's trying to hack ITT
I got the "Hi" message once on July 7th. My account was not locked.
|
| All times are GMT. The time now is 11:56. |
vBulletin® Version 3.8.8