Jump to content
 

Spam email following site hack


Recommended Posts

Following the topic here http://www.rmweb.co.uk/community/index.php?/topic/55302-site-hack-now-overcome/ that RMweb was disrupted by activist hacking it is apparent that users may receive spam emails which publicise Anonymous.net - an example of which is shown below.

 

Dear Anonymous,

 

The purpose of this message is to inform you about the Revolution:

 

OCCUPY HOUSES OF PARLIAMENT IN LONDON ON NOVEMBER 5, 2012.

OCCUPY CONGRESS IN WASHINGTON D.C. ON NOVEMBER 11, 2012.

 

STOP WAR.

CANCEL ALL DEBT.

REDISTRIBUTE WEALTH.

 

Please, watch the "Nazi Banksters Crimes Ripple Effect" movie to find out why, how, and to have sound arguments to persuade others. The movie can be easily found with a search engine.

 

Please, print the flyers at 2012jubilee.info and distribute them.

 

Please, spread this message and the movie to everyone you know.

 

-Anonymous

 

(Please don't visit those links, it's just illustrate the email!)

 

It is likely that the hack harvested the email addresses users registered on the site with and as a precautionary measure I would recommend users to change their site password. This can be done by clicking on your name at the top right and click on My Settings. Head for the Email and Password tab at the left and change the password to a new one which is different to anything you use anywhere else.

 

I am dissatisfied with the responses from the community software provider, Invision, although I have further escalated the matter this morning as this is obviously a security loophole in their software or third-party software Invision approves and makes available to users. Statutory bodies have been advised but that's very slow. I will be working to continue investigating and resolving the matter.

 

It is also apparent that there are still some effects on site performance and I ask that you bear with me whilst I work at this. You may receive further junk email from Anonymous, just ignore it in the same way as you do for Viagra and bank password requests!

 

There is no need to report in this topic that you've received the emails too as I'm working on the assumption everyone has.

Link to post
Share on other sites

I've just managed to change my password. Logged out then back in but although I am logged in with my new password I got an error message stating that my login could not be processed!

However, all my ontent etc stills seems to be there so I guess everything went ok.

T

Link to post
Share on other sites

  • RMweb Premium

Well, I haven't currently received any spam emails, and I choose to directly monitor my spam and not have it done by my ISP, so along with something Martin Wynne said in the other thread regarding the hacking, I wonder if the email addresses have been harvested from the old RMweb 3. I changed my email after RMweb 4 started IIRC, which may be why I've not received the spam.

Link to post
Share on other sites

I received the email on two different email accounts, only one of which is registered with RMweb. Maybe I used the the other one to register a long time ago but I don't recall doing so. Perhaps my email addresses were harvested from another source.

 

Nick

Link to post
Share on other sites

  • RMweb Premium

Bear in mind that, as I understand it, more forums and sites were hacked than just RMweb, so it's quite possible that their harvesting of the email addresses could come from any number of sources.

Link to post
Share on other sites

  • RMweb Gold

I wasn't able to get into the site while Andy was dealing with the hack and thus far have not received any emails from anonymous dumbos r' us. So was this because I wasn't on the site when they went harvesting or was it because I have a password for RMweb which isn't (wasn't) used for anything else?

Link to post
Share on other sites

So this is how the "British Autumn" is to begin - by using social media to spread the word, just like in Arabia.

 

I cannot think of a better way to antagonise your potential supporters than to steal their usernames, and possibly their passwords, by hacking into a benign forum site.

 

Yet their methods must have been pretty sophisticated to do so much damage.

 

Ian

Link to post
Share on other sites

I am dissatisfied with the responses from the community software provider, Invision, although I have further escalated the matter this morning as this is obviously a security loophole in their software or third-party software Invision approves and makes available to users.

 

Absolutely staggered that such basic information is not encrypted in the database. Though I do realise that there are other ways of gleaning this information.

Link to post
Share on other sites

  • RMweb Premium

I had spam for breakfast this morning, I wondered if it might have been linked to the site hack. Many thanks Andy for the confirmation and advice to change passwords and thanks too to Martin for the link, a simple process made easier.

Link to post
Share on other sites

I can't remember my password for the e-mail address listed in my profile, should I be worried?

 

Not particularly unless it shared the same password as your login on here. It's just prudent to change the password on here in case any of those were accessed although all passwords are encrypted and even I can't access them.

Link to post
Share on other sites

  • RMweb Gold

Not particularly unless it shared the same password as your login on here. It's just prudent to change the password on here in case any of those were accessed although all passwords are encrypted and even I can't access them.

Remembered the password and found two e-mails from Jerks for Justice in the Spam folder...

Link to post
Share on other sites

  • RMweb Premium

Well, I haven't currently received any spam emails, and I choose to directly monitor my spam and not have it done by my ISP, so along with something Martin Wynne said in the other thread regarding the hacking, I wonder if the email addresses have been harvested from the old RMweb 3. I changed my email after RMweb 4 started IIRC, which may be why I've not received the spam.

 

I had one this morning. The address it was sent to is only used for RMWeb, and I only joined last October, so I think that is conclusive that they got at least some of the subscriber email list.

 

Thanks to Andy an the team for getting things back up and running in a timely fashion.

 

 

Adrian

Link to post
Share on other sites

Haven't had "anonymous" emails yet but starting a day or so before RMweb's problem, I've been getting Returned / undeliverable emails from something called Craig's List which were not initiated by me. Now also getting emails asking if the car / van / bike (varies from email to email) is still available. All from the USA or Canada I think.

Changing email address seems the only option! Damn Hackers!!!

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.


×
×
  • Create New...