WE HAVE BEEN HACKED!

If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...

IGNORE IT

It's a scam.


Thanks,


The (real) Admin :)

Damn, lucky I checked here, almost fooled me...

I wonder what the "fix" does if someone falls for it.

If only they would use their powers for Niceness instead of evil.

Wait a second,
How do we know that YOU are the real PE and not a hacker? I am getting confused :p

You need to make this warning more prominent

Woe, I almost fell for it too. But these days I question anything like that instead of blindly downloading. Glad I did!

I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.

The email I received went directly to my "deleted" folder. Not a good sign for sure. I'll bet if you download and install the fix that the supposed virus is there in the download itself. NEVER install an ".exe" file you don't recognize as legit. Also..anyone who had visited in the past "24 months"...seriously...and we are just hearing about it now??? SCAM SCAM SCAM!!!!!

Here's the message:

There was recently a security vulnerability we found in our software. All users that visited within 24 months have been affected. It is known as HTML injections and have put a virus into you PC. We have updated and made a fix. This is a client to remove the affected code 100% and protect you from attacks like these.

This will be required for all members wanting to stay on the forum because of recent security issues.

This file has been scanned for viruses and there is no need to worry about it!

DOWNLOAD HERE>>> """http://sendspace.com/file/8kx8sf[/"""

"""https://www.virustotal.com/en/file/eb8bff16823e6bb79e91db9fb98bb7b0ea11a42ea9a50979f3 ad0c8d0927934b/analysis/1491961464/"""

We are very sorry for the inconvenience but we will be happy to see it that you will come back to ProgressiveEars

We're gonna find them and make them wish they'D NEVER BEEN BORN!

The hackers ruined Genesis!

A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

I suspected it was a scam but nice to have it clarified!

A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

Great observation!!! :)

Probably a Phil Collins lover

We're gonna find them and make them wish they'D NEVER BEEN BORN!

Yes, we're going to invite them into a R&RHOF topic.

Thanks.

But obviously the scammers did get their hands on the progressive ears users database.

A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

Yep. Whenever in doubt, consider how poorly the "warning" is written. It will rarely steer you wrong.

Yup, I also had this and was about to open a thread in the site issue section (someone else did)



You need to make this warning more prominent

My first glance was in the Admin Site Issue forum to see if Sean/Coz/Duncan had posted there


I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.

Exactly, my first reaction was to check the site for confirmation


Yes, we're going to invite them into a R&RHOF topic.

Hey, no need to get ugly and murderous ;)

You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...

A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.

Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?

Geez, the depths that Snake Oil Audio will go to get members...



Thanks, Duncan. Hopefully everyone checks here first for clarification.

Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.

Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?

Duncan is your best bet to answer that. The only thing I can surmise from the email is that it referred to me by my user name, which I think help provides a clue. So they may have just used the admin messaging system to send a mass email and not by collecting everyone's data.

Geez, the depths that Snake Oil Audio will go to get members...

I suppose that's humour and nothing to do with Wallace & Svet getting back at us ;)

Svet getting back at us

Like, sorta, "Svet's recommendations of progressive rock sites (pick only one!)"?

When I saw this I thought it might be fake, the English was bad.
Mods; can you email your warning to members directly ? It might prevent a costly mistake for some.

As soon as I saw a link and the word "download " I deleted the email. Secondly, I'd find it odd if any moderators emailed me directly.

I wonder what the "fix" does if someone falls for it.

If only they would use their powers for Niceness instead of evil.

If only we didn't live in the universe we live in.

Honestly, the first thing I thought of was Wallace.

I doubt it was an insider (or banned ex-member) though...an insider might've taken more care to make it seem authentic.

I'd find it odd if any moderators emailed me directly.

...you don't know what they're capable of... Potentially! :bad



[Now they're coming in the hall, now they're coming up the stairs...]

On the upside...this little mostly-non-incident was a good reminder that I'd not updated my password in quite a while (and that the one I had was pretty vulnerable).

https://uploads.tapatalk-cdn.com/20170419/4f685213d0cffbfec13c39b913be34fa.jpg

https://uploads.tapatalk-cdn.com/20170419/e06b42646eb07b1d918b229304b4a283.jpg

Yeah, I woke to the same email and immediately came to PE to verify.

You need to make this warning more prominent

Agreed - this need to be seen by everyone, I guessed it was a scam but was about to write to the admins.

I suppose that's humour and nothing to do with Wallace & Svet getting back at us ;)

I haven't looked at Snake Oil Audio this week, but last time I looked in, the Liliputians had tied him to the ground and were lobbing bricks at him. He labeled them all "pigs," and Wally was on his side, but the cretins were ganging up on him.

^ "Him" being Svet.

Actually I came right to this sight to read the multi-page-bitch-fest rivaling a yes / genesis thread.... :up :lol

Thanks for looking out for us Uncle Duncan.......

Honestly, the first thing I thought of was Wallace.


Wallace doesn't have 1/10 of the computer know-how to pull off a hack and a mass mailing.

You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...

Firefox has recently been warning me that the PE login is not secure.

You guys really need to e-mail everyone in your database about this. Not everyone is a regular user and you cannot expect them to come to the site and find out it's a scam. (It's not even on your home page.) Be proactive about it. And, yes, you should get an SSL cert for the site.

Lets be clear though you were hacked. They emailed me at an email address I only use here. As a web developer I use a different email address on every site.

Firefox has recently been warning me that the PE login is not secure.
This. Type in 'Progressive Ears' on Google and it actually says 'This site may be hacked'. It is redirecting to something called 'My File Store' if you access the site via Google (which I usually don't anyway)...this was flagged up in the forum long ago and yet nothing changed, it's still doing it now. Worrying.

When I looked this morning (in the UK) after reading this alert there was no e-Mail and now I see I have one, seemingly sent only two and a half hours ago. So is this still going on?

Boy, that Geoff Downes just won't let it go, will he?

You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...

Yes, we still get this message:

"Malicious site warning.

This site may be hacked or contain malicious software. Visiting this page may be harmful.

Opera Software strongly discourages visiting this page.

Why was this page blocked?

Reported by Yandex. Our fraud reports are maintained by third-party vendors."

Yandex is a Russian service that also has their own web-browser.

Silly me - thinking there was the possibility of porn involved - clicked on the links.

Saw the warnings here, checked and saw the email and moved it to the trash folder. Thanks!

WE HAVE BEEN HACKED!

If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...

IGNORE IT

It's a scam.


Thanks,


The (real) Admin :)

But somehow your website got hacked since they've got hold of all our emails!!!

Good Morning...

First of all - my experience here has been the same as some of this threads comments. I noticed several weeks ago, in blue type, the comment 'This sight may be hacked' when I first Googled ProgressiveEars to get to this sight. When opening the PE sight, I too would get directed to 'Firefox'. My apology for not saying something a while ago. When I went to Progressive FORUMS I did not get re-directed. Thought little of the hack possibility since that discovery.....

This, along with sooooooo much advertising and 'click here' aspects of the modern day sights (sometime just to navigate the cursor is a chore) , has me quite frustrated with the internet at times!

Good to see this scenario being addressed.

Carry On
Chris Buckley

Shit, I'm almost tempted to go to Snake Oil just to see bricks being thrown at Svet. Almost.

I agree that there should be massive email sent to all members just so everyone is aware. Chrome is telling me the site is not secure. Then again it does the same for me on Metafilter, the Hoffman forum, etc.

I recall a story, years back of a Russian hacker being discovered and beaten to death with a baseball bat. it was as gruesome a murder as could ever happen. I've quietly wished this death upon every attempted hacker since then.

Thanks for staying on top of this.

reminds me of a few weeks back. My wife got a call from a woman saying she worked for the IRS and they were going to arrest her if she didnt pay them $5000. I took the phone from my wife and said: "yes who am I speaking with?" The voice responded "we are the IRS and you owe 5k in back taxes". I said "This is officer Shrek from the FBI. Please give me your badge number..."

... click.

We had a good laugh. and no repeated calls

Well, was progressivears.org specifically hacked, or was the underlying engine's database compromised?

I dont think there is a great deal of info here that they can really use. as long as you dont use the same password on other accounts, I dont see what they can do with an email. What are the risks? I cant think of anything I shared here that isnt a total lie.:lol

Well, the e mail went straight to the trash, just as every one like it is, but such a breach of security is worrying.

I dont think there is a great deal of info here that they can really use. as long as you dont use the same password on other accounts, I dont see what they can do with an email. What are the risks? I cant think of anything I shared here that isnt a total lie.:lol

It isn't always about what they can steal anymore. What they can do is quietly take control of your PC for other purposes, converting into a "node" in a larger collection of commandeered devices for malicious purposes.

Thanks for posting this.

Why should i worry.A very nice man from Nigeria emailed me that i have 20 million dollars coming to me from a bequest and all i have to do is send him a couple of thousand bucks.

Isn't the interwheb wonderful.

All I want is better scams and better snake oil. The stuff I buy isn't doing the trick. Maybe I should check with my doctor.

I successfully uploaded the patch (the link took me to a site where the fix was only $15, I used my debit card) and had no problems getting back on PE this morning. It's good to see everyone back!

In other news, I hope to make enough money from an email scam to be able to afford a summer home in Nigeria.

Why should i worry.A very nice man from Nigeria emailed me that i have 20 million dollars coming to me from a bequest and all i have to do is send him a couple of thousand bucks.

Isn't the interwheb wonderful.I'm still waiting for the couple thousand you know:).

It went straight to my junk folder. Along with all the Viagra ads and two from FedEx telling me about my packages. I'm seem to get dozens of packages a month of things I don't remember ordering. And they all have had problems being delivered. Amazing!

Shit, I'm almost tempted to go to Snake Oil just to see bricks being thrown at Svet. Almost.


Svetty has responded by trying to YouTube bomb them back to the Stone Age.

It's mildly entertaining, but in the end, you feel like you just watched a group of handicapped kids throwing down a brawl.

Why should i worry.A very nice man from Nigeria emailed me that i have 20 million dollars coming to me from a bequest and all i have to do is send him a couple of thousand bucks.

For God's sake don't do it! The Nigerians are fake! The real ones are from Cameroon!

Svetty has responded by trying to YouTube bomb them back to the Stone Age.

It's mildly entertaining, but in the end, you feel like you just watched a group of handicapped kids throwing down a brawl.

Are you suggesting there's actually members there that discuss...music? Does any worthwhile discussion happen or is it all about the little games the "mods" play?

Are you suggesting there's actually members there that discuss...music? Does any worthwhile discussion happen or is it all about the little games the "mods" play?

You wouldn't believe it. It's supposed to be Wallace's Prog-Rock forum, right? Three of the regulars post constantly about how much Prog sucks. One guy who doesn't understand what a genre is argues that anything after 1973 can't be considered Prog-Rock. Not much talk of mods. Those people largely appear to understand that they are rightly forum pariahs, if I read the vibe right.
There's a tiny bit of music discussion, but not much. A lot of posting of silly and/or dirty emoticons. It's like EMR performance art, mostly.

Well, was progressivears.org specifically hacked, or was the underlying engine's database compromised?

HERE"S WHAT"S HAPPENED:

Someone hacked in and somehow managed to get into the email list - and sent an email to all users about a (fake) security issue.

They also posted an "announcement", as well as a "sticky" post on the main board.

A few other things happened that I won't go into here.

We discovered this about 15 minutes after it happened (around 1:00am - lucky I'm an insomniac!), and removed the fake post and the fake announcement. I have emailed the whole user community advising everyone to ignore the spam.

For (hopefully) obvious reasons, I will not go into the fixes I've affected - but I'm working on it, and I'm in touch with our ISP.

In SEPARATE News:

Along with many other vBulletin sites, PE had a minor hack some time ago, in which some browsers are advising that PE has been hacked, and in which Google searches are compromised.

You are not in any danger from that hack, and we're working to remove it (not easy).

In Summary:

1). It's okay to continue to use PE as usual

2). Exercise caution and never click on links that don't pass the "sniff test".

3). CHANGE YOUR PASSWORD!

Exercise caution

Wait a sec, pal... now in order to use Progressive Ears we need to exercise???? Now it makes sense why many call this place PE!

Thanks Duncan for doing all you and the other mods do to keep this place running.

So they have your username and your email address. They probably have your password so you should change your password here and everywhere else that you use that password.

A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
As it did yours truly!!! 

HERE"S WHAT"S HAPPENED:

I have emailed the whole user community advising everyone to ignore the spam.

I haven't seen it.

I haven't seen it.

Has anyone else seen it? I sent it a few hours ago.

(I'll be honest, though, I've never used the mass email feature before - so I may not have done it correctly :oops )

Haven't seen it, Duncan....

Nor have I :up

I haven't seen it.


Haven't seen it, Duncan....


Nor have I :up

:(

I've just re-sent it...

Thanks for the heads up; good thing I check PE before my e-mail (I actually got one in my spam folder).

However, I didn't get the one from Duncan

:(

I've just re-sent it...

The only email I have received is the original hacker email. I have not received any from the actual admins.

I haven't gotten an email from admins, though I did get the hacker email. Log- ins are generating a security warning. I don't know if I should change my password until I'm sure there's no threat. Should I decide to delete my account here, I don't see any option to do so. Is there one?

I don't take having my email address stolen lightly. That could cause a lot of trouble.

There is no option to delete your account. An admin needs to do that.

There is no immediate threat. Your email was not seen by the hacker. He simply activated an option in the system - and the system automatically sent messages to the email addresses in the database.

Ok, that's a relief re:the email. Is it safe to change passwords? I don't want to delete my account. I just wanted to know the options, so thanks for the answer.

Duncan, remind everyone what they need to click to get to the part where they reset the password.

Ok, that's a relief re:the email. Is it safe to change passwords? I don't want to delete my account. I just wanted to know the options, so thanks for the answer.

PERFECTLY safe (and strongly recommended) to change your password.

Click "Settings" toward the top right-hand corner of your screen.

A menu of options will appear down the left-hand side of your screen. Scroll down to "Edit Email & Password"...

PERFECTLY safe (and strongly recommended) to change your password.

Click "Settings" toward the top right-hand corner of your screen.

A menu of options will appear down the left-hand side of your screen. Scroll down to "Edit Email & Password"...

Thanks again.

FYI I sent a test email this morning and it took about 10 hours to reach my inbox, so it's possible the mass email will come later tonight.

I got the email. Then I decided to change my email address. So I get and email from PE in my new email address to follow the link to complete the process, and my phone starts spazzing out about a virus. :lol. I do all my browsing and posting on my phone using the PE mobile version (not tapatalk. Can't stand tapatalk). Anyway all is well now, I think.

Just got the email from Duncan!

Me too.

Has anyone else seen it? I sent it a few hours ago.

(I'll be honest, though, I've never used the mass email feature before - so I may not have done it correctly :oops )

I just got it at 5:20 EST.

The grammar was definitely a big clue that the email was a spam. Also, the email didn't end with.....



Regards,

Duncan

:)


Regards,
Don

I live in the mountains so things take longer up here, but a guy on mule-back just delivered Duncan's message to my inbox. The frenzy I'd worked myself into this morning over all this madness has now receded into placid, pellucid waters.

I haven't looked at Snake Oil Audio this week, but last time I looked in, the Liliputians had tied him to the ground and were lobbing bricks at him. He labeled them all "pigs," and Wally was on his side, but the cretins were ganging up on him.

Sounds like the other two posters are Beavis and Butthead


Wallace doesn't have 1/10 of the computer know-how to pull off a hack and a mass mailing.

my thought too


Firefox has recently been warning me that the PE login is not secure.

Along with most forums sites I use... FF has warned me about this for years...


Boy, that Geoff Downes just won't let it go, will he?

My money is on Dale Hauskins of the self-appointed best Swiss prog band (Flame Dream)


Svetty has responded by trying to YouTube bomb them back to the Stone Age.

It's mildly entertaining, but in the end, you feel like you just watched a group of handicapped kids throwing down a brawl.

I wish I had too much time on my hand to witness this

NOT :p


You wouldn't believe it. It's supposed to be Wallace's Prog-Rock forum, right? Three of the regulars post constantly about how much Prog sucks. One guy who doesn't understand what a genre is argues that anything after 1973 can't be considered Prog-Rock. Not much talk of mods. Those people largely appear to understand that they are rightly forum pariahs, if I read the vibe right.
There's a tiny bit of music discussion, but not much. A lot of posting of silly and/or dirty emoticons. It's like EMR performance art, mostly.

So Beavis, Butthead, Svet & Wally... what a crowd :lol


Me too.

Got mine too.

Mine arrived as well, Duncan. Thanks!

Along with most forums sites I use... FF has warned me about this for years...


It only started happening to me with a recent Firefox update (say in the last 2-3 weeks), although I only use FF once in a while on my wife's computer. I wasn't really worried about it, just wondered if it was all related somehow.

I live in the mountains so things take longer up here, but a guy on mule-back just delivered Duncan's message to my inbox. The frenzy I'd worked myself into this morning over all this madness has now receded into placid, pellucid waters.

Ba ha ha.....:lol

This. Type in 'Progressive Ears' on Google and it actually says 'This site may be hacked'. It is redirecting to something called 'My File Store' if you access the site via Google (which I usually don't anyway)...this was flagged up in the forum long ago and yet nothing changed, it's still doing it now. Worrying.


The MyFileStore redirect hack is a known vulnerability of vBulletin and if its present it opens up other attack vectors. I suspect it facilitated this attack.

Yeah, I got mine too. Like everybody else, I came here before downloading anything. I wonder how many people who downloaded the virus would actually come back here and admit it.

Honestly, the first thing I thought of was Wallace. I knew right away it wasn't.

If it had been, it would have said something like,

ARRRR, ye lubbers, there be recently a security vulnerability we found in your software. All ye that visited within 24 months have been overhauled by the good ship Snake Oil Audio. We have fired our doughty HTML injections and have put a virus crashing right into the fo'c'sl of you PC.....

It only started happening to me with a recent Firefox update (say in the last 2-3 weeks), although I only use FF once in a while on my wife's computer. I wasn't really worried about it, just wondered if it was all related somehow.

it's the login form. using one on an insecure page (http) is a known security risk. anyone doing this is vulnerable to an attacker sniffing the network for username/password pairs. many people still choose to use the same pair at multiple sites including their financial institution. the form can also be modified while in transit to give someone more privileges while on site. even a low level hacker can accomplish this. people need to get educated on internet security and wise up. it's no game

I wish I had too much time on my hand to witness this

NOT :p


It's a pretty low traffic site. Not much time involved, trust me.

We are very sorry for the inconvenience but we will be happy to see it that you will come back to ProgressiveEars

:lol

Silly me - thinking there was the possibility of porn involved - clicked on the links.

just go to xhamster. they've been seriously flooded with user generated content for months on end now.

Click on this extremely fishy Sendspace link? I think not!


Like, sorta, "Svet's recommendations of progressive rock sites (pick only one!)"?

Great minds think alike. “A pathetic attempt by Svetonio at bashing PE after being banned” was my first thought.

I thinking that if someone on PE who's not Internet savvy might actually...ohmygawd, someone do a wellness check on Rand!

How do we know our personal details were not stolen from your site? I have asked to be removed from this site as a security concern. Sad it happened but having had my personal details stolen on Facebook I don't want it to happen again

Did they hack our webcams? Do we need to put on clothes while PEing?

How do we know our personal details were not stolen from your site? I have asked to be removed from this site as a security concern. Sad it happened but having had my personal details stolen on Facebook I don't want it to happen again

You have no personal details on this site, except for your email address, which the hacker did not see.

Please confirm if you want me to delete your account.

Did they hack our webcams? Do we need to put on clothes while PEing?

PLEASE put clothes on! I'm tired of hacking your webcam and seeing ... that! :rofl

I got that email message and just assumed it was Steve Howe all pissed off about the way we talk about him here at PE.

You have no personal details on this site, except for your email address, which the hacker did not see.

Yes, it's important to get the facts straight. All you need to join PE is to have an email address and log in password. Most people:

- Don't share personal information on PE
- Use an alias for their username
- Don't use a picture of themselves for their avatar

And having your email address alone is less "harmless" as someone having your phone number (which is often given without you knowing from otherwise reputable businesses).

The best advice that someone can give for PE if someone does obtain your email address is to change your password here at PE and not to use passwords here that you also use with online banking or retailers like Amazon.

I'm glad this is straightened out because I'm one of the members wanting to stay on this forum.

On a serious note - Thanks to Duncan and team for being right on top of this thing. As a very frequent reader of this forum (and occasional poster), I really enjoy this place. Much appreciation.

I got Duncan's email hours before I got the phony email. Good thing, since I am the antithesis of internet savvy.

You can always make a pseudonym email at gmail (a.o) and use it just for this one or another purpose.

Thanks indeed for quickly addressing this situation.

Now we have to find out who really is behind the problem.
There is an impressive list of suspects.

Brian Lane
Geoff Downes
Billy Sherwood
Ahmet Zappa
Jon Anderson's Dark Aspect
Regressive Ears
The Post Neo Mathcore Underground Army
Kanye West
The Birotron Appreciation Society
Lars Ulrich
The Secret Order For the Elimination Of Yes Threads
The Secret Order Against the Elimination Of Threads
Tony Banks' "Joker" Aspect

... we'll probably never know.

^^^Awesome! Is "Jon Anderson's Dark Aspect" already taken as a band name? Bummer if it is...lol....

^ That's some railroad lingo there.

Firefox told me to change my password for this site. How did they know? Anyway, I did change my password.

They know everything, they can tell you when to change your underpants.

They know when you've been sleeping, they know when you're awake.....

They know everything, they can tell you when to change your underpants.

That must be the reason for dropping your pants during a reboot.

Do they know if you're not wearing underpants? :O

Do they know if you're not wearing underpants? :O

No, but I do.

I regularly hack into your PC's webcam ... and I know what you do when you're alone! :bad

LOL

Seriously, though - I have a high-tech system to stop webcam hacking. It's one inch of electrical tape!

They know everything, they can tell you when to change your underpants.

The hell with underpants, and let the chips fall where they may.

Seriously, though - I have a high-tech system to stop webcam hacking. It's one inch of electrical tape!

You only need an inch? ;)

The hell with underpants, and let the chips fall where they may.

You don't even need pants for that problem.

http://eventsnews.info/wp-content/uploads/2015/12/gazou00436.jpg

Has anyone else seen it? I sent it a few hours ago.

(I'll be honest, though, I've never used the mass email feature before - so I may not have done it correctly :oops )

I got it yesterday

I got it yesterday

Oh my! See a doctor and get rid of it!!

Seriously, though - I have a high-tech system to stop webcam hacking. It's one inch of electrical tape!

First thing I did on my new laptop, even before I plugged in

Only take it off when I skype (which isn't often)

Only take it off when I skype (which isn't often)
Kinky...

Kinky...

Didn't see that one coming... 10240

Didn't see that one coming...

That's not what Duncan told us.

I knew the original e-mail was bogus right from the start, I'm just surprised it didn't land in the junk folder. Hats off to the admins here for the quick response. You guys are great.

Thanks Duncan[emoji6]Now I can't login in on the website. I tried to change my password using Safari's password suggestion and I thought it had taken it. Then after attempting to login it doesn't recognize it. I can't message the admin from the page either. But I think I am posting here. I say dump the webpage or move it to something that is modern enough to handle the most secure passwords which require special characters, numbers, and upper and lower case characters.

Thanks Duncan[emoji6]Now I can't login in on the website. I tried to change my password using Safari's password suggestion and I thought it had taken it. Then after attempting to login it doesn't recognize it. I can't message the admin from the page either. But I think I am posting here. I say dump the webpage or move it to something that is modern enough to handle the most secure passwords which require special characters, numbers, and upper and lower case characters.

Ignore that post ^^^^^^

Ignore that post ^^^^^^

So my attempt to login was with email instead of the screen name as username. Good thing Safar saved a previous password with the email username. It also saved the newer one with the Screenname. Now the screen name is associated with the correct password in Safari. Wew👍

Just got an email with subject line.....Find Out What Russian Girls Really Want.

Been getting a lot of Russian spam in the last few weeks.....:rofl

Just got an email with subject line.....Find Out What Russian Girls Really Want.


And, what DO they want?

Something I'm sure I ain't got.....:rofl

Probably to congratulate us on the USSR/US merger currently in progress...






[self-reported]
[not really that sorry]
[can't wait to wrestle my first bear]

And, what DO they want?

An Oligarch with a low life expectancy.

And, what DO they want?

A hotel room and a client who brings his own plastic sheets.

They want to keel moose and keel squirrel.

They don't want rubles[emoji848]

I ignore all emails , am anti social with humans, have paid a fee to have my name changed, lost 65 pounds on a Zen diet and have changed my appearance making it very difficult for those who did know me to reconize me. It feels like I'm born again. You should try it sometime.

I ignore all emails , am anti social with humans, have paid a fee to have my name changed, lost 65 pounds on a Zen diet and have changed my appearance making it very difficult for those who did know me to reconize me. It feels like I'm born again. You should try it sometime.

If I lost 30 kgs, I would quite probably be dead. So being born again would be a requirement.

If I lost 30 kgs, I would quite probably be dead. So being born again would be a requirement.

Lol!

You have no personal details on this site, except for your email address, which the hacker did not see.

I'm not sure this is the case. The email address I use for Progressive Ears was generated specifically for it and has never been given to anyone else. It had only received my sign up and validation mails before the hack. Since the hack it's started to receive spam. There's no way other than via Progressive Ears that this address could have been discovered so I'm afraid I think the hackers got more data than you think.

I'm not sure this is the case. The email address I use for Progressive Ears was generated specifically for it and has never been given to anyone else. It had only received my sign up and validation mails before the hack. Since the hack it's started to receive spam. There's no way other than via Progressive Ears that this address could have been discovered so I'm afraid I think the hackers got more data than you think.

If I'm reading correctly, they got your e-mail address and probably sold it. So, they didn't get any more data than Duncan described.

If I'm reading correctly, they got your e-mail address and probably sold it. So, they didn't get any more data than Duncan described.

I read Duncan's message as the hacker "didn't see" our email addresses, but benbell is suggesting the hackers may have seen them. I've also noticed an increase in spam in recent weeks where I'd rarely get any before. I'm not asserting Duncan is incorrect though.

I read Duncan's message as the hacker "didn't see" our email addresses, but benbell is suggesting the hackers may have seen them. I've also noticed an increase in spam in recent weeks where I'd rarely get any before. I'm not asserting Duncan is incorrect though.

I have to agree with this. I never received spam on the email address I use for this site before the hack took place.

Best antispam system I know of - free version for 1 account is great

http://www.mailwasher.net/

Mr. EZ Peters
US Embassy
William Howell
Mr. Rose Joseph
Merle Butler
Mrs Rose Julaha
Mrs Njide Adice
Dr Kenneth
Dr Terry

and F.B.I. Head Office


sound familiar ????

I got spam from at least some of them too. Fortunately, Gmail trapped all of them with its spam filter.

Mr. EZ Peters
US Embassy


I got the ones above in spam and also these:

Crystal Travis
Dean Lambert
Benita Gilliam
Jeremy Howe
Ross Keith
armando Harper
Long McLaughlin
Gaylord McFadden
Tania Hobbs
Shawna Cox
Loraine Blanchard
Logan Alvarez
Kate Ryan
Kim Rasmussen
Victoria Bell
Veronica Soto
Leigh Bullock
Roberto Franklin
Truman Roy
Aaron Michael

I was checking to see if my e-mail address was known anywhere on the internet and got only one hit, a file that contains all the PE user data that was hacked. My email got almost no spam until after the hack, I now get dozens per day

File host: https://publicdbhost.dmca.gripe/random/vbulletindump/progressiveears.org-vb-2017.txt

There is also a copy of it hosted here: http://archive.is/xMObZ

From that it is clear that only the PE username and email address were compromised, the password data appears to be encrypted/hashed and would could not be extracted.

I have no idea if the files can be removed.

Thanks for the update on that. Interesting....