Andy Y Posted April 20, 2012 Share Posted April 20, 2012 Following the topic here http://www.rmweb.co.uk/community/index.php?/topic/55302-site-hack-now-overcome/ that RMweb was disrupted by activist hacking it is apparent that users may receive spam emails which publicise Anonymous.net - an example of which is shown below. Dear Anonymous, The purpose of this message is to inform you about the Revolution: OCCUPY HOUSES OF PARLIAMENT IN LONDON ON NOVEMBER 5, 2012. OCCUPY CONGRESS IN WASHINGTON D.C. ON NOVEMBER 11, 2012. STOP WAR. CANCEL ALL DEBT. REDISTRIBUTE WEALTH. Please, watch the "Nazi Banksters Crimes Ripple Effect" movie to find out why, how, and to have sound arguments to persuade others. The movie can be easily found with a search engine. Please, print the flyers at 2012jubilee.info and distribute them. Please, spread this message and the movie to everyone you know. -Anonymous (Please don't visit those links, it's just illustrate the email!) It is likely that the hack harvested the email addresses users registered on the site with and as a precautionary measure I would recommend users to change their site password. This can be done by clicking on your name at the top right and click on My Settings. Head for the Email and Password tab at the left and change the password to a new one which is different to anything you use anywhere else. I am dissatisfied with the responses from the community software provider, Invision, although I have further escalated the matter this morning as this is obviously a security loophole in their software or third-party software Invision approves and makes available to users. Statutory bodies have been advised but that's very slow. I will be working to continue investigating and resolving the matter. It is also apparent that there are still some effects on site performance and I ask that you bear with me whilst I work at this. You may receive further junk email from Anonymous, just ignore it in the same way as you do for Viagra and bank password requests! There is no need to report in this topic that you've received the emails too as I'm working on the assumption everyone has. Link to post Share on other sites More sharing options...
RMweb Gold beast66606 Posted April 20, 2012 RMweb Gold Share Posted April 20, 2012 just ignore it in the same way as you do for Viagra And what about those of us who don't Good advice. Link to post Share on other sites More sharing options...
meil Posted April 20, 2012 Share Posted April 20, 2012 I'm afraid that cliking on your name at top right does little. It just brings up a small box that says "what's on your mind?". Link to post Share on other sites More sharing options...
gordon s Posted April 20, 2012 Share Posted April 20, 2012 There is a drop down menu below 'whats on your mind'. Select my profile, edit my profile, email and password. Link to post Share on other sites More sharing options...
Tase Posted April 20, 2012 Share Posted April 20, 2012 I've just managed to change my password. Logged out then back in but although I am logged in with my new password I got an error message stating that my login could not be processed! However, all my ontent etc stills seems to be there so I guess everything went ok. T Link to post Share on other sites More sharing options...
RMweb Premium Ian J. Posted April 20, 2012 RMweb Premium Share Posted April 20, 2012 Well, I haven't currently received any spam emails, and I choose to directly monitor my spam and not have it done by my ISP, so along with something Martin Wynne said in the other thread regarding the hacking, I wonder if the email addresses have been harvested from the old RMweb 3. I changed my email after RMweb 4 started IIRC, which may be why I've not received the spam. Link to post Share on other sites More sharing options...
meil Posted April 20, 2012 Share Posted April 20, 2012 There is a drop down menu below 'whats on your mind'. Select my profile, edit my profile, email and password. sorry there is no drop down menu - that's all you get. Link to post Share on other sites More sharing options...
Edwin_m Posted April 20, 2012 Share Posted April 20, 2012 I don't see the drop-down (looks as if has been chopped off, may be an IE6 thing, don't beat me up please as it's the work PC!) but I got to the profile menu by clicking on my name in one of my posts. Link to post Share on other sites More sharing options...
gordon s Posted April 20, 2012 Share Posted April 20, 2012 That's strange, it should look like this.... Link to post Share on other sites More sharing options...
buffalo Posted April 20, 2012 Share Posted April 20, 2012 I received the email on two different email accounts, only one of which is registered with RMweb. Maybe I used the the other one to register a long time ago but I don't recall doing so. Perhaps my email addresses were harvested from another source. Nick Link to post Share on other sites More sharing options...
RMweb Premium Ian J. Posted April 20, 2012 RMweb Premium Share Posted April 20, 2012 Bear in mind that, as I understand it, more forums and sites were hacked than just RMweb, so it's quite possible that their harvesting of the email addresses could come from any number of sources. Link to post Share on other sites More sharing options...
RMweb Gold The Stationmaster Posted April 20, 2012 RMweb Gold Share Posted April 20, 2012 I wasn't able to get into the site while Andy was dealing with the hack and thus far have not received any emails from anonymous dumbos r' us. So was this because I wasn't on the site when they went harvesting or was it because I have a password for RMweb which isn't (wasn't) used for anything else? Link to post Share on other sites More sharing options...
RMweb Gold martin_wynne Posted April 20, 2012 RMweb Gold Share Posted April 20, 2012 sorry there is no drop down menu - that's all you get. You can change your email and password by clicking this link (it's worth bookmarking): http://www.rmweb.co....core&area=email regards, Martin. Link to post Share on other sites More sharing options...
clecklewyke Posted April 20, 2012 Share Posted April 20, 2012 So this is how the "British Autumn" is to begin - by using social media to spread the word, just like in Arabia. I cannot think of a better way to antagonise your potential supporters than to steal their usernames, and possibly their passwords, by hacking into a benign forum site. Yet their methods must have been pretty sophisticated to do so much damage. Ian Link to post Share on other sites More sharing options...
Kenton Posted April 20, 2012 Share Posted April 20, 2012 I am dissatisfied with the responses from the community software provider, Invision, although I have further escalated the matter this morning as this is obviously a security loophole in their software or third-party software Invision approves and makes available to users. Absolutely staggered that such basic information is not encrypted in the database. Though I do realise that there are other ways of gleaning this information. Link to post Share on other sites More sharing options...
RMweb Premium Neil Posted April 20, 2012 RMweb Premium Share Posted April 20, 2012 I had spam for breakfast this morning, I wondered if it might have been linked to the site hack. Many thanks Andy for the confirmation and advice to change passwords and thanks too to Martin for the link, a simple process made easier. Link to post Share on other sites More sharing options...
RMweb Gold Captain Kernow Posted April 20, 2012 RMweb Gold Share Posted April 20, 2012 I can't remember my password for the e-mail address listed in my profile, should I be worried?... (but changed my RMWeb password OK, thanks for the useful link from Martin Wynne).. Link to post Share on other sites More sharing options...
Andy Y Posted April 20, 2012 Author Share Posted April 20, 2012 I can't remember my password for the e-mail address listed in my profile, should I be worried? Not particularly unless it shared the same password as your login on here. It's just prudent to change the password on here in case any of those were accessed although all passwords are encrypted and even I can't access them. Link to post Share on other sites More sharing options...
RMweb Gold Captain Kernow Posted April 20, 2012 RMweb Gold Share Posted April 20, 2012 Not particularly unless it shared the same password as your login on here. It's just prudent to change the password on here in case any of those were accessed although all passwords are encrypted and even I can't access them. Remembered the password and found two e-mails from Jerks for Justice in the Spam folder... Link to post Share on other sites More sharing options...
RMweb Premium figworthy Posted April 20, 2012 RMweb Premium Share Posted April 20, 2012 Well, I haven't currently received any spam emails, and I choose to directly monitor my spam and not have it done by my ISP, so along with something Martin Wynne said in the other thread regarding the hacking, I wonder if the email addresses have been harvested from the old RMweb 3. I changed my email after RMweb 4 started IIRC, which may be why I've not received the spam. I had one this morning. The address it was sent to is only used for RMWeb, and I only joined last October, so I think that is conclusive that they got at least some of the subscriber email list. Thanks to Andy an the team for getting things back up and running in a timely fashion. Adrian Link to post Share on other sites More sharing options...
DonB Posted April 20, 2012 Share Posted April 20, 2012 Haven't had "anonymous" emails yet but starting a day or so before RMweb's problem, I've been getting Returned / undeliverable emails from something called Craig's List which were not initiated by me. Now also getting emails asking if the car / van / bike (varies from email to email) is still available. All from the USA or Canada I think. Changing email address seems the only option! Damn Hackers!!! Link to post Share on other sites More sharing options...
The Nth Degree Posted April 20, 2012 Share Posted April 20, 2012 No Anonymous spam in my email. Luck that I did check though, as I would have missed out on a bumper payday from this poor Nigerian chap who can't move his money out of the country. I've emailed him my bank details and I'm just waiting for the transfer now... Link to post Share on other sites More sharing options...
Coldgunner Posted April 20, 2012 Share Posted April 20, 2012 I got one in my email registered here. SOP this is now though, change passwords and keep eyes peeled. Not a criticism of rmweb, who have been very professional and upfront about whats happened. Link to post Share on other sites More sharing options...
Unchuffed Posted April 23, 2012 Share Posted April 23, 2012 I wondered where that one came from, I was having a laugh about it in couple of other places. The password isn't one I use elsewhere. Link to post Share on other sites More sharing options...
coachmann Posted April 23, 2012 Share Posted April 23, 2012 Just in case the info is of use, the 'Delete' facilty is currently missing from threads.... (15.45hrs) Link to post Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.