
arn (original poster, staff member)
Hi all,

We were down for a few hours due to a large spam attack targeting the private messaging. We've cleaned it up, but the cause of the problem was Individual account passwords that were too easy to guess.

Please choose secure passwords. Those accounts that were compromised have had their passwords reset. You will need to choose a new password that is secure.

I had to delete many spam messages. I don't believe I affected anyone's legitimate private message, but be on alert.

Also, we upgraded to the latest vbulletin version. There may be some discrepancies and search may be broken. I'll have to check on that.

arn
 
not to this magnitude. It was a script.

arn
 
Hi all,

We were down for a few hours due to a large spam attack targeting the private messaging....

Whew, 65,535 unread PM's? Talk about large spam attack. Glad it's back up now though, thanks arn and crew.
 
I'm just glad it's back on-line...although the forums still seem to be lagging a little bit
 
Here are Google's tips on picking a good password.

If you need to reset your MacRumors password, here's the procedure:
  1. Make sure you can receive email from webmaster@macrumors.com. If necessary, whitelist the address or add it to your address book.
  2. Go to the Lost Password Recovery Form.
  3. Fill in your MacRumors account's email address and click the Request Username / Password Now button. If you get the message "You have not entered an email address that we recognise" and aren't sure which of your email addresses is associated with your MacRumors account, try each of the possibilities.
  4. Once you get the message "Your username and details about how to reset your password have been sent to you by email", check your email for a message from webmaster@macrumors.com with subject "Your login details for Mac Forums".
  5. In the email is a link to reset your MacRumors password. Click the link.
  6. Wait for another email message from webmaster@macrumors.com, this time with subject "Your new password for Mac Forums". In the email is your new password, which is a number of up to 8 digits.
  7. Go to the Edit Email & Password page.
  8. When prompted for your password, fill in your numeric password from the email.
  9. On the "Edit Email & Password" page, fill in your numeric password and a new password where asked. Do not pick an easy-to-guess password, such as your user name or a word that is in the dictionary. Remember it or write it down in a secure place.
  10. Click the Save Changes button. You now have a new and secure password!
If you have no idea what your account's email address is, or if you know it but you no longer have access to that email account, you will need to use the Contact form to ask the administrators for advice or assistance.
 
Looks like someone got a little mad because they didn't get their iPhone this week.
 
people's PM counts may have been messed up.

If so, let me know. Like it says you have 1 unread message and you don't etc...

arn
 
Could this have been what caused the slowdown earlier, or is it unrelated?
 
Did the spam messaging originate from just a few sock-puppet and zombie accounts, or did they originate from a billion different user accounts? Because if it's the former then you could just turn on a private message post per minute cap. If there were 50,000 separate accounts sending 1 spam message over the course of an hour, that's harder to deal with than 50 accounts sending 1000 private messages per hour.
 
Did the spam messaging originate from just a few sock-puppet and zombie accounts, or did they originate from a billion different user accounts? Because if it's the former then you could just turn on a private message post per minute cap. If there were 50,000 separate accounts sending 1 spam message over the course of an hour, that's harder to deal with than 50 accounts sending 1000 private messages per hour.

It was across 1800 accounts with very weak passwords.

arn
 
It was across 1800 accounts with very weak passwords.

arn

Maybe you could create a messaging rule system that will curtail private messaging per hour privileges in relation to the user's forum activity level. So if a user account hasn't made 1 forum post in the past year then they can't send private messages, if they made under 5 forum posts in the past year then they can send 2 private messages, 1 post per month allows 5 private messages, etc.

Also, maybe you could have the registration system reject common passwords automatically and have it suggest an alternate password.
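The activity-tiered PM quota proposed in this post, combined with the per-minute cap suggested earlier in the thread, as an added illustration (not code from MacRumors or vBulletin). The thread gives three tiers and says "etc."; the tier for 5 to 11 posts per year is an assumption, as is the one-PM-per-minute cap.

```python
from collections import defaultdict, deque


def pm_hourly_quota(posts_last_year: int) -> int:
    """PMs allowed per hour, from the post's tiers (posts in the past year)."""
    if posts_last_year < 1:
        return 0          # no posts in a year: no private messages
    if posts_last_year < 5:
        return 2          # under 5 posts: 2 PMs
    if posts_last_year < 12:
        return 3          # assumed intermediate tier, not stated in the thread
    return 5              # at least 1 post per month: 5 PMs


class PmRateLimiter:
    """Sliding-window limiter: activity-based hourly quota plus a flat per-minute cap."""

    def __init__(self, per_minute_cap: int = 1):
        self.per_minute_cap = per_minute_cap
        self.sent = defaultdict(deque)    # user -> timestamps (seconds) of accepted PMs

    def allow(self, user: str, posts_last_year: int, now: float) -> bool:
        q = self.sent[user]
        while q and now - q[0] >= 3600:   # drop sends older than one hour
            q.popleft()
        if len(q) >= pm_hourly_quota(posts_last_year):
            return False                  # hourly quota for this activity level exhausted
        if sum(1 for t in q if now - t < 60) >= self.per_minute_cap:
            return False                  # burst cap hit
        q.append(now)
        return True


def rejected_sends(events, limiter: PmRateLimiter) -> int:
    """Replay (user, posts_last_year, timestamp) events; return how many would be blocked."""
    return sum(not limiter.allow(u, p, t) for u, p, t in events)


if __name__ == "__main__":
    # Constructed sample: an active member, and a dormant account trying to send PMs.
    sample = [("alice", 20, 0.0), ("alice", 20, 5.0), ("dormant", 0, 1.0), ("alice", 20, 70.0)]
    print("blocked:", rejected_sends(sample, PmRateLimiter()))
```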
 
You would hope that in this day and age that people would make stronger passwords. Letters and numbers, "dog" doesn't count as a strong password.
 
So how does the script work? Was it like a list of everyone's name on the forums, and then a huge list of passwords and then they were matched up? Then the spam messages were sent out?


It's good you quit your job Arn, otherwise you'd be tired for work tomorrow :)
 
Also, maybe you could have the registration system reject common passwords automatically and have it suggest an alternate password.
I would very much like to have obvious-password-checking as a MacRumors feature. A poorly chosen password isn't just a risk to that member's security/privacy, but to every other member who may get an unsolicited PM from a "zombie account".
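An added example (not MacRumors code) of the obvious-password check asked for here and in the earlier post: it rejects common or dictionary words (also with leet-speak or trailing digits), the user name, single-class passwords like "dog", and the all-digit temporary password from the reset procedure. The common-password set is a constructed stand-in for a real list.

```python
import re

# Constructed stand-in: a deployment would load a list of many thousands of entries.
COMMON_PASSWORDS = {"password", "12345678", "qwerty", "letmein", "macrumors", "iphone", "dog"}
# Undo common substitutions so "P@ssw0rd" is recognised as "password".
LEET = str.maketrans("@$!0134", "asiolea")


def normalize(pw: str) -> str:
    return pw.lower().translate(LEET)


def password_problems(password: str, username: str, dictionary=COMMON_PASSWORDS):
    """Return the reasons a candidate password is too easy to guess (empty list = acceptable)."""
    problems = []
    lowered = password.lower()
    if len(password) < 10:
        problems.append("shorter than 10 characters")
    # Compare with and without trailing digits: "iphone2008" is still "iphone".
    if normalize(lowered) in dictionary or normalize(lowered.rstrip("0123456789")) in dictionary:
        problems.append("matches a common password")
    if len(username) >= 3 and username.lower() in normalize(lowered):
        problems.append("contains the user name")
    classes = sum(bool(re.search(p, password)) for p in (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"))
    if classes < 2:
        problems.append("uses only one kind of character (mix letters and numbers)")
    if password.isdigit():
        # The numeric password mailed by the reset procedure is temporary and must be replaced.
        problems.append("all digits")
    return problems


if __name__ == "__main__":
    for pw in ("dog", "P@ssw0rd2008", "MacRumors!arn2008", "12345678"):
        print(pw, "->", password_problems(pw, "arn") or "ok")
```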
 
last version of our branch. :)

arn

Any particular reason why you didn't go with the 3.7.2? I don't know a whole lot about "branches" (and if there is too much to explain feel free to tell me to shut up, I won't take it personal :p ). Is it that going from 3.6 to 3.7 is a lot harder than 3.6.* to another 3.6.*+ ?
 
The newest version of vBulletin has changes that will require more preparatory work, to set settings and make choices for new features. It will also require us to re-customize some scripts that we've modified to suit this site. The goal tonight was to apply some patches and get back up and running.
 
Any particular reason why you didn't go with the 3.7.2? I don't know a whole lot about "branches" (and if there is too much to explain feel free to tell me to shut up, I won't take it personal :p ). Is it that going from 3.6 to 3.7 is a lot harder than 3.6.* to another 3.6.*+ ?

ya, what Q said. it will break things. The priority tonight was just to get any security fixes in place.

arn
 