....
Registered User
Hacked: 45 Million Car Forum Accounts
....
Last edited by Sugarphreak; 08-15-2019 at 05:58 PM.
The Gimp
Fuck.
Registered User
Thx for this, and fuck!!!
Originally Posted by Disoblige
This quote is hidden because you are ignoring this member. Show QuoteThis quote is hidden because you are ignoring this member. Show Quote
Super Moderator
Beyond Bully
^^^ lol...*he*must be from China!
haha I am only on Beyond!
Can Beyond get hacked? lol don't know what safe guards raj has on this place.
Last edited by max_boost; 06-15-2016 at 01:15 PM.
I am user #49Originally posted by rage2
Shit, there's only 49 users here, I doubt we'll even break 100
Guest
Anything can get hacked. IIRC googe was able to steal my beyond password a few years back looking for holes in vBulletin because of a shitty add-on which we ended up patching. TBH vBulletin isn't the most secure software out there, and the addons are even worse. All my forum passwords are throwaway passwords, I just assume they're all insecure.
Then there's the whole HTTPS issue. Browsers as recent as last year would throw popup errors on pages that mixed HTTPs and HTTP content, which made it impossible to implement HTTPS because people would embed images using the IMG tag with http image URLs. Only recently have browsers gotten rid of those popup warnings so that forums can sorta transition half decent to HTTPs. With all forum traffic on http and vbulletin sending the MD5 password as a cookie, someone with a network sniffer would be able to steal MD5 password of anyone using the forum. Go and change your password and you lose your unencrypted password.
Originally posted by SEANBANERJEE
I have gone above and beyond what I should rightfully have to do to protect my good name
Registered User
I'm on so many of those forums that I don't even know where to begin. Sometimes I find my self trying to sign up only for it to tell me "email address already has existing account".. and then I realize I've already signed up ages ago
Registered User
meh, my forum passwords are generic
Beyond Bully
I don't know what any of that meant but what is there to gain from the hack? They sell the accounts? Money? Shits and giggles? Spam everyone? All of the above?
I am user #49Originally posted by rage2
Shit, there's only 49 users here, I doubt we'll even break 100
Registered User
thx, changed my passwords on a few listed.
Registered User
Email lists are worth a lot of money. Esp useful if you're a car company, or some other vendor in the niche.
Ill bet those Ferrari and Lambo forum members rank in a high demographic. Hit them up with penis enlargement promos ....
Last edited by revelations; 06-15-2016 at 01:35 PM.
Guest
These hacks assume you use the same password everywhere. If they got into the database, they'll have your username, email, and MD5 password hash. They will be able to login to any other service that uses MD5 to hash passwords, which really is limited to vbulletin that's older than ~2014 or forums that use newer vbulletin but use MD5 as a hash to not require users to reset password when they upgraded.Originally posted by max_boost
I don't know what any of that meant but what is there to gain from the hack? They sell the accounts? Money? Shits and giggles? Spam everyone? All of the above?
If you use a simple stupid password, you can brute force it back to plain text fairly quickly, in which case if you use it anywhere else, well, you're fucked.
Originally posted by SEANBANERJEE
I have gone above and beyond what I should rightfully have to do to protect my good name
Registered User
Bob Saget! I'm on 2 of those more password changes. Luckily I don't use the same password on multiple sites ever.
Thanks for the heads-up
Registered User
Thanks for the heads up
Registered User
Damn eh. Bastards.
"The most merciful thing in the world, I think, is the inability of the human mind to correlate all its contents... some day the piecing together of dissociated knowledge will open up such terrifying vistas of reality, and of our frightful position therein, that we shall either go mad from the revelation or flee from the light into the peace and safety of a new Dark Age."
-H.P. Lovecraft
FKA: 2EFNFAST
Registered User
There is no way I would trust forums with my real info. All my forums passwords are throwaways.
By the way, the bigger news today on account hack is the ISIS kill list.
http://www.cbc.ca/news/canada/isis-k...ians-1.3637214
In analyzing the Canadian data, CBC has learned that most email addresses (71 per cent) appear to have been hacked at some point, either in an old LinkedIn hack or one from Myspace or Adobe. It is possible the information from those hacks was simply pushed around from group to group. Some of the information may exist in the public domain.
Last edited by Xtrema; 06-15-2016 at 03:54 PM.
Guest
Looks like they're forcing the password changes and emailing out new passwords. So far I've got 2 password has been changed emails from 2 affected forums. Pretty sure I'll have more throughout the night.
Originally posted by SEANBANERJEE
I have gone above and beyond what I should rightfully have to do to protect my good name
Registered User
I wonder if this is why the amount of spam my one email account has been getting has increased 50 fold lately.
This quote is hidden because you are ignoring this member. Show QuoteThis quote is hidden because you are ignoring this member. Show QuoteThis quote is hidden because you are ignoring this member. Show Quote
Registered User
This has probably been happening for awhile now.
A few months ago, someone had tried to get into my MR2OC account and had even tried to reset the password.... only knew from the email notifications.
Photo by: Kevin Chow
Posting Permissions
Quote
