Forum Security
- Stuart Truman
- ALPI
- Posts: 315
- Joined: Thu Jul 28, 2011 12:14 am
Folks, it gives me no pleasure to write this:
There is a particularly insidious piece of blackmail spam going about that claims to have infected your device with malware, gained access to your webcam and recorded you watching porn. There is a request to pay up via bitcoin to keep quiet or else they will forward it to your friends and family. So far, so much to ignore. But here's the clever/nasty bit; they have a password that you’ve used with a website or forum and they share it back with you as some kind of “proof” that you’ve been hacked. This is where people start to panic.
What’s actually happened is that they’ve breached the security of the site that the password came from. I’ve had two of these mails in the past couple of weeks. Both with the same password, and it’s the password I use here. I use a password manager and my passwords are random strings of characters. The likelihood of the password manager I use being breached is negligible. I do not ever use the same password on multiple sites.
I can only assume that someone has breached the security of this forum. I did search the forum before posting this but I could not find anything alerting users to the possibility.
You may wish to change your passwords
CaesarBob wrote:... hopefully the admin/mods will be along to advise more soon
Raised with Admin - way above my pay grade!
Charles
Teacher of Chemistry and driver of ALPINAs - not necessarily in that order
B3S Touring (49/116) - been to the moon and now on the way back!
Renault Grand Espace - not mine but the wife's!
Hi Guys
No clear picture yet but am in process of investigating - I've upgraded a few things and as you say changed passwords etc. I'm also looking at how quickly I can swap to completely use https.
If you have anything that can help me work out the source of this please forward to me - either by pm or email.
Thanks
Neil
Last edited by neil on Wed Feb 13, 2019 10:28 am, edited 1 time in total.
-
- ALP
- Posts: 159
- Joined: Thu Aug 28, 2008 7:48 pm
- Location: Northamptonshire
Unfortunately I can also confirm this has happened to me with a password specific only to this site.
Pete
_____________________________________
2008 BMW Alpina B3 Biturbo Coupe no.137
2003 BMW Alpina B3s Coupe no.16
2014 BMW 525d M-Sport
2010 BMW 320d M-Sport
2000 BMW Alpina B3 3.3 Saloon no. 213
1995 BMW 328i Coupe
1989 Ford Escort XR3i lux
Hi all
The advice given re. ignoring the email is right - it is just someone exploiting a single piece of information to imply a huge issue for the person (porn etc.)
I do however strongly advise people to not use the same password everywhere - especially to secure sites or sites that can be exploited financially. Password managers are the simplest way to achieve this and are typically easy to use once you set them up.
If people use the same password here as they do elsewhere then I do suggest that you need to look to change all your passwords.
Sorry for the inconvenience and we are doing everything we can to track down the issue / secure the site further to avoid any further risks.
If anyone has any specific concerns please PM or email me.
Thanks
Neil
I received this e-mail and was terrified. I raised it with my IT literate 16 year old who informed me that it was rubbish.
I will change my Password at once. Thanks for informing us.
1999 #032 Alpina B3 3.3 saloon (UK Press Car) - Buchloe Beast
2000 Porsche Boxster S - Viola
2015 Audi A4 Avant Ultra - Wife's car
2002 VW Lupo 1.4 16v - Daughter's car
- Stuart Truman
- ALPI
- Posts: 315
- Joined: Thu Jul 28, 2011 12:14 am
I’ve got a background in IT security.
https is only encrypting the traffic between your browser and the server although implementing this would be a good idea.
The biggest concern I have is that the passwords are stored in plain text unencrypted. If this is the case then this is a major flaw in the design of the software the site runs on. I’d assume there’s a support community for the software you’re using and it might be worth checking out if other people have seen the same thing. If so then the authors really need to get a patch out. I’m assuming you’re up to date with available patches.
Not knowing the software the board runs on, I can’t really comment further.
Stuart Truman wrote:I’ve got a background in IT security.
https is only encrypting the traffic between your browser and the server although implementing this would be a good idea.
The biggest concern I have is that the passwords are stored in plain text unencrypted. If this is the case then this is a major flaw in the design of the software the site runs on. I’d assume there’s a support community for the software you’re using and it might be worth checking out if other people have seen the same thing. If so then the authors really need to get a patch out. I’m assuming you’re up to date with available patches.
Not knowing the software the board runs on, I can’t really comment further.
Hi Stuart
The passwords are definitely only stored encrypted.
Thanks
Neil
I've heard of this scam a few months ago, and one work colleague told me his experience.
I believe that the password that the scammer has for anyone are old passwords, possibly a password used years ago from an old email account etc.
As we normally are asked to change passwords or change accounts throughout the years I guess most don't apply any longer.
Thinking of this site, I have the same password for this site as I started with.
Is it worth changing your password for this site.......
I'm not fussed as I know the scammer won't have video footage of me whilst I'm on this site..... or at least I hope not
Onzie
B6 Convertible
B3s Bi-Turbo Tourer
- Hector's Dad
- ALP
- Posts: 276
- Joined: Mon Jun 22, 2009 12:16 pm
- Location: Hampshire
I'm not convinced the breach was this forum. I started receiving these emails (up to 15 per day at the height!) in (I think) November last year. If it was this site, we'd all have had them and this would have been raised by someone before now.
D4 BT Coupé No. 166
D3 BT Coupé No. 127 (Sold at 147,000 miles)