Forum is open for all, Tracker is invite only. Please use same username as on both when you register...

Username: Log me on automatically each visit
Password:
It is currently Fri Nov 22, 2024 4:07 am


Post a new topicPost a reply Page 1 of 1   [ 3 posts ]
Author Message
 Post subject: Site has been breached (Solved)
PostPosted: Wed May 10, 2017 2:29 pm 
User avatar

Joined: Mon Oct 28, 2013 10:17 pm
Posts: 6
Hey guys,
I use a specific email address for this site that has never been used elsewhere, and I recently got a malicious spam email to that email address.

The only explanation for that is that your site has been compromised and they have access to the user database.

Just wanted to alert you to the problem and, if users passwords weren't properly encrypted...you need to email everyone to let them know to change their passwords.


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Wed May 10, 2017 5:51 pm 
Site Admin
User avatar

Joined: Tue Apr 07, 2009 12:53 pm
Posts: 13407
Location: In front of you
Hello,

I understand your concern, but to be honest, it doesn't have to mean that our site has been breached. If this happens to only one person in soon 9 years I don't see it as evidence that someone has breached our database. There are multiple other factors that could make you receive a spam email without using the email on any site. You might not be aware of this but there are spammers sending spam emails to any possible email combination out there, and if your email is a gmail or hotmail or any other generic email service you are likely to receive spam, specially if the prefix is an existing word, no matter what you do. For example flower@hotmail.xom or crazyguy@gmail.xom etc will easily receive spam emails without signing up anywhere. Once the spammers have hacked a server that they can send spam from they easily send out hundreds of thousands of spam emails in a day, and most of them go to nobody...

I know this partly because I work with internet security and other related issues on a daily basis and have both experience and interest to study these things, and I have personally experienced creating an unique email that I never sent an email from nor signed up anywhere with that I after a certain time started receiving spam to.

It is also possible that your own computer has been compromised of course, there are plenty of trojan-like malware out there that snatch your email addresses from your own hdd and send them to hackers/spammers. Hopefully this is not the case!

That said, I will of course look into this and create a few honeypot emails etc to see if I see any odd behaviour. And make a revision of the security to make sure there are no holes.

I have contacted you in a private message for more details.

If anyone else has experienced anything similar please let us know!!!

_________________
Image
So you wanna be a [bleeping] member? => Get access to the community <=

Image

Looking for a seedbox? RuTorrent, qbitTorrent, Deluge and Transmission included in all packages! Unlimited torrents, unlimited transfers!
Perfect for both beginners and professionals. Watch the files directly in your browser without downloading or download to your device, up to you!

Image
Really Fast 1 Gbit seedboxes - Professional support 24/7/365 - Click to learn more
To get a recurring 10% discount on all seedbox packages use the PROMO CODE: mmatorrents


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Wed May 10, 2017 7:46 pm 
Site Admin
User avatar

Joined: Tue Apr 07, 2009 12:53 pm
Posts: 13407
Location: In front of you
For the matter of clarification:

I see that the spam email was sent to ***********@******.net
That email does not exist anywhere in our databases.
You are registered here on the forum as well as on the tracker with the email *******.********@gmail.com
I have double and triple checked and the email ***********@******.net is not anywhere in our databases.
This means that the spammer could not have gotten the email from our database.
So I deduct that there has not been a breach.

::thumright::

_________________
Image
So you wanna be a [bleeping] member? => Get access to the community <=

Image

Looking for a seedbox? RuTorrent, qbitTorrent, Deluge and Transmission included in all packages! Unlimited torrents, unlimited transfers!
Perfect for both beginners and professionals. Watch the files directly in your browser without downloading or download to your device, up to you!

Image
Really Fast 1 Gbit seedboxes - Professional support 24/7/365 - Click to learn more
To get a recurring 10% discount on all seedbox packages use the PROMO CODE: mmatorrents


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post a new topicPost a reply Page 1 of 1   [ 3 posts ]


Who is online

Users browsing this forum: No registered users and 43 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

 
Powered by phpBB © 2000 - 2023 phpBB Group
Theme By: Nikkbu
Twitter RSS Feed Twitter