Hackers....tried to steal my account.

Royal · Sep 1, 2015

You should contact allsafe cybersecurity ASAP.

newenglandjeff · Sep 1, 2015

Just imagine what they could do if they were to hack into a NES profile...

rivet_42 · Sep 1, 2015

Just like Ashley Madison, I'm sure a mapping of board IDs to real-life names would be of interest to some people. I'm pretty sure the .gov TLAs already have their hands on that info, but there are a lot of antis who feel that the names and addresses of license holders/gun owners should be a matter of public record, as evidenced by some recent shenanigans in New York State. There are also burglars, etc., who would love to have address info of where to find peoples' gun collections.

bandaid bandit · Sep 2, 2015

Got one of those emails that someone attempted to access my account. Changed my password, speeding up work on turning my bedroom into a more or less faraday cage

Sent from my iPhone using Tapatalk

StevensMarksman · Sep 2, 2015

Yes this happened to me about two weeks ago. IP came from Luxembourg. I figured it was just some dick on a VPN trying to start some crap.

StevensMarksman

Sent from my iPhone using Tapatalk

EddieCoyle · Sep 2, 2015

It has been going on for a while:

http://www.northeastshooters.com/vbulletin/threads/275158-Hackers-tried-to-steal-my-account

BTSDOG · Sep 2, 2015

Reptile said:
If you make a crazy long and secure PW you'll be as protected from this.

Short of a hacker actually infiltrating the innards.

Not sure why hackers are targeting individual NES members.

Seems like a lot of work just to send out some spam.

Could there be evil intentions?

Probobly the AG's office.......

atilla · Sep 2, 2015

OP destroy your computer.

Spanz · Sep 2, 2015

Love Machine · Sep 2, 2015

Can we start filtering the IP addresses so nothing outside of NE gets in?

Bonesinium · Sep 2, 2015

EvilDragon said:
Can we start filtering the IP addresses so nothing outside of NE gets in?

That would prevent the members who no longer live in the northeast and people who travel from posting. Not sure it's even possible but a terrible idea either way.

endus · Sep 2, 2015

Make sure your password is decent, everything will be OK.

It's all automated bullshit, no one cares about any one here's individual NES account. Just ignore it and/or change your password.

EvilDragon said:
Can we start filtering the IP addresses so nothing outside of NE gets in?

Short answer: No.

akma · Sep 2, 2015

So really what is to be gained by hacking an account?

LoginName · Sep 2, 2015

akma said:
So really what is to be gained by hacking an account?

Spamming the website and/or users via IM or email

Hoping that the member uses the same username and password for more sensitive accounts like banking.

Some men just like to see the world burn.

wheelgun · Sep 2, 2015

They tried to hack me too, 199.127.226.150.
Not sure why they'd bother, I don't keep much money in my NES account [laugh]

Reptile · Sep 3, 2015

wheelgun said:
They tried to hack me too, 199.127.226.150.
Not sure why they'd bother, I don't keep much money in my NES account

In a few years I bet vBulletin will offer 2 Step Verification.

Probably in no rush since they don't even offer SSL for sign in.

I hope nobody breaks into my NES Vault. I have a ton of guns, ammo, gold and silver, porn and girls tucked away inside.

I guess I should not really worry since they are digital.

My real safe only holds one gun and I always have it on me.

I just hope they don't take away my best porno mag - Hustler.

atilla · Sep 3, 2015

Reptile said:
Probably in no rush since they don't even offer SSL for sign in.

it was just implemented.

Reptile · Sep 3, 2015

atilla said:
it was just implemented.

I have been calling for that for years.

I even agreed to pay Derek part of the cost if there was one to upgrade and add that feature.

Let me know if I should throw some bucks for the effort if this was an added expense.

atilla · Sep 3, 2015

Reptile said:
I have been calling for that for years.

I even agreed to pay Derek part of the cost if there was one to upgrade and add that feature.

Let me know if I should throw some bucks for the effort if this was an added expense.

send him the cash. i'll take a 50% finder's fee btw.

Reptile · Sep 3, 2015

atilla said:
send him the cash. i'll take a 50% finder's fee btw.

If that feature cost extra money, I'll honor whatever amount I said. I just can't find that old thread.

atilla · Sep 3, 2015

Reptile said:
If that feature cost extra money, I'll honor whatever amount I said. I just can't find that old thread.

you said fifty bucks. i read the thread yesterday.

Reptile · Sep 3, 2015

atilla said:
you said fifty bucks. i read the thread yesterday.

Did I saw that I would flat out pay $50 or was it contingent on there being a cost for the SSL "upgrade"?

Ok! I'll be sending the $$$!!!

This is awesome...

OP is here:

http://www.northeastshooters.com/vb...-for-login-I-will-donate-50-to-make-it-happen

It really did cost some money in software and programming time.

I think this is a great way to help secure the site!

endus · Sep 3, 2015

Better would be to move the entire board to SSL (well...TLS) which would keep prying eyes out of the content unless people's employers are proxying the cert.

Costs resources, though. I have a board that offers SSL, but it gets a tiny tiny fraction of the traffic this place does.

jasons · Sep 3, 2015

Merged threads....

Use a strong password and you'll be fine.

sHORTY · Sep 8, 2015

endus said:
Better would be to move the entire board to SSL (well...TLS) which would keep prying eyes out of the content unless people's employers are proxying the cert.

Costs resources, though. I have a board that offers SSL, but it gets a tiny tiny fraction of the traffic this place does.

The entire board is available via TLS, and as of today, approximately 35% of our traffic is going out via it.

I have left it up to the user for the time being, but default new individuals to SSL/TLS.

This will do absolutely nothing to stop the messages that this thread is about, however... and as long as you have a secure password, these messages are nothing to be concerned about.

endus · Sep 9, 2015

sHORTY said:
The entire board is available via TLS, and as of today, approximately 35% of our traffic is going out via it.

I have left it up to the user for the time being, but default new individuals to SSL/TLS.

This will do absolutely nothing to stop the messages that this thread is about, however... and as long as you have a secure password, these messages are nothing to be concerned about.

Fantastiballs! Great stuff, thanks for the heads up, switching over my bookmark.

FYI - I forced TLS on my board but ran into problems with people's browsers whining about non-encrypted content from linked images and such. Some versions of some browsers seem to really have trouble with it. I wound up offering http again as a result.

sHORTY · Sep 9, 2015

endus said:
Fantastiballs! Great stuff, thanks for the heads up, switching over my bookmark.

FYI - I forced TLS on my board but ran into problems with people's browsers whining about non-encrypted content from linked images and such. Some versions of some browsers seem to really have trouble with it. I wound up offering http again as a result.

Same issue. That's exactly why I left HTTP available as an option. Thankfully browsers are getting much better at handling this, but as you said, some just totally puke.

Hackers....tried to steal my account.

Royal

newenglandjeff

rivet_42

bandaid bandit

StevensMarksman

EddieCoyle

Consigliere

BTSDOG

atilla

Spanz

Love Machine

Bonesinium

endus

akma

LoginName

wheelgun

Reptile

atilla

Reptile

atilla

Attachments

Reptile

atilla

Reptile

endus

jasons

Moderator

sHORTY

endus

sHORTY

Similar threads