Bot Problem - 2024

[dogluver101]

Doesn't look like I've been affected, and my password is a unique and strong one, but would this activity appear in our account's "Your Content" view?

it would, but once deleted only mods can see.

 

[Uma Oshichi]

Just flagged one!

---

*types:
user: IHO
pass: "a unique and strong one"
* logs in*
?

 

[Mammal-lover]

Wait so there isn't local singles in my area? Damn explains so much

 

[UR20Z]

Dammit! Not again!

I TOLD you to use something better than 123456... Didn't the luggage incident teach you ANYTHING?!?!?

 

[Badgeryiff]

Thanks for keeping this place alive in the background, mods. Really appreciate having it to come back to over the years.

 

[Petergozinyah]

Hello,

So as some of you have already noticed, we seem to being hit by another wave of bots logging into people's accounts and posting spam on the account's behalf, trying to get people to click on a link for a "dating website." This likely isn't targeted at us, nor is it a problem with the Xenforo forum software, as this same bot has also infiltrated forums running on MyBB and Invision Community.

So far I've configuring ZooVille to capture the posts and make them invisible for normal users. It's possible that some posts my still wind up on the forum. If that is the case, please report them.

Here's what we know, and here's what you'll need to do if you can suddenly no longer login:

This bot is only logging into people's accounts. The bot is not changing people's passwords. It pretty much logs in, makes a spam post, then immediately logs out. So most likely this is either from the LastPass breach, or from a computer virus.

Since it's not changing people's passwords, what I'm doing is forcing a password change on the accounts that have been compromised instead of outright banning them. The user will need to log into their email and will need to set a new password by clicking on the password reset link. I'd also advise changing the password on every single account you've used the same password on.

DOWN WITH THE MACHINES THEM SONS OF BITCHES. Oh know they are ZOOPHILES TOO AWWWW

 

[Petergozinyah]

Thanks for telling us this is happening. It also reminds us to keep an eye on our bank accounts and other things just in case a virus or other nasty software steals the password. I am sure too many people out there know the misery that can cause!! Would Yubikeys work on this site? I never had one so I would not know exactly the way they work. I just know that a lot of people seem to use them. Just don't use one and assume all is well. Keep an eye on accounts just incase those pesky hackers come up with something new!

I bank with Huntington they are on everything great bank every action in my account is te t to me prior to paying out

 

[Mesond]

Ever since Stuxnet (a very effective virus everyone got their hands on) it's been causing a big leap in cyber warfare. Stuxnet is the kind of virus that will shut down centrifuges and steal research data from other countries. So yea, more advanced tech for all. Hence the leap in AI tech. Hence more effective bots. Cyber warfare is a reality now.

People get paranoid about showing themselves. But be mindful of bank account details and such. Personally I just go to the bank in person.

 

[p3rv_sub]

I TOLD you to use something better than 123456... Didn't the luggage incident teach you ANYTHING?!?!?

12345?

 

[UR20Z]

12345?

Yes, that was indeed the reference I was making...

 

[KnottedUp99]

I don't know anymore.... what is this world coming to, when you can't even trust the internet. ?

THANK YOU Floofy!

 

[pes]

Looks like it has died down again. At least I have not noticed many bot dating posts recently.

 

[Cookiecaretaker]

Looks like it has died down again. At least I have not noticed many bot dating posts recently.

meet a polar bear near u call : 0900 - POLARPLEASURE

 

[rylie9518]

That sucks

Yeah

 

[zpourquoipas]

Merci pour les information

 

[eN0nym0us]

Guys i have a question i was using yand,ex as my mail for this group but one day this site asked to change my mail provider so i did but now i do not remember what email i used, is there a way to fin my account or is it lost?

 

[dogluver101]

Guys i have a question i was using yand,ex as my mail for this group but one day this site asked to change my mail provider so i did but now i do not remember what email i used, is there a way to fin my account or is it lost?

contact @FloofyNewfie

 

[dirtydancer]

Hallo,

Wie einige von Ihnen bereits bemerkt haben, werden wir offenbar von einer weiteren Welle von Bots heimgesucht, die sich in die Konten anderer Benutzer einloggen und im Namen dieser Benutzer Spam posten, um die Benutzer dazu zu bringen, auf einen Link zu einer „Dating-Website“ zu klicken. Dies zielt wahrscheinlich nicht auf uns ab und ist auch kein Problem mit der Xenforo-Forum-Software, da derselbe Bot auch Foren infiltriert hat, die auf MyBB und Invision Community laufen.

Bisher habe ich ZooVille so konfiguriert, dass die Beiträge erfasst und für normale Benutzer unsichtbar gemacht werden. Es ist möglich, dass einige Beiträge trotzdem im Forum landen. Wenn das der Fall ist, melden Sie sie bitte.

Folgendes ist uns bekannt und Folgendes müssen Sie tun, wenn Sie sich plötzlich nicht mehr anmelden können:

Dieser Bot meldet sich nur bei den Konten der Benutzer an. Der Bot ändert keine Passwörter der Benutzer. Er meldet sich einfach an, erstellt einen Spam-Beitrag und meldet sich dann sofort wieder ab. Dies ist also höchstwahrscheinlich entweder auf den LastPass-Verstoß oder auf einen Computervirus zurückzuführen.

Da ich die Passwörter der Benutzer nicht ändere, erzwinge ich eine Passwortänderung für die kompromittierten Konten, anstatt sie direkt zu sperren. Der Benutzer muss sich bei seiner E-Mail anmelden und ein neues Passwort festlegen, indem er auf den Link zum Zurücksetzen des Passworts klickt. Ich empfehle außerdem, das Passwort für jedes einzelne Konto zu ändern, für das Sie dasselbe Passwort verwendet haben.

Danke für die Info,ich habe mich schon gewundert. Ich habe mich nun ganz neu registriert und freue mich wieder dabei sein zu können.

 

[roverslave]

can't get past this page lol

 

[CrossedDestiny]

Really should put CloudFlare on this site, it has some mitigation that make it more difficult for bots to mess with. It makes a significant difference to the security posture. That's how BF survived as long as it did, i know they came under heavy attack in their final years...

 

[pelomilo]

Hello,

So as some of you have already noticed, we seem to being hit by another wave of bots logging into people's accounts and posting spam on the account's behalf, trying to get people to click on a link for a "dating website." This likely isn't targeted at us, nor is it a problem with the Xenforo forum software, as this same bot has also infiltrated forums running on MyBB and Invision Community.

So far I've configuring ZooVille to capture the posts and make them invisible for normal users. It's possible that some posts my still wind up on the forum. If that is the case, please report them.

Here's what we know, and here's what you'll need to do if you can suddenly no longer login:

This bot is only logging into people's accounts. The bot is not changing people's passwords. It pretty much logs in, makes a spam post, then immediately logs out. So most likely this is either from the LastPass breach, or from a computer virus.

Since it's not changing people's passwords, what I'm doing is forcing a password change on the accounts that have been compromised instead of outright banning them. The user will need to log into their email and will need to set a new password by clicking on the password reset link. I'd also advise changing the password on every single account you've used the same password on.

Danke