PDA

View Full Version : IGNORE Any Posts Or Emails Titled : Critical Security Vulnerability



Duncan Glenday
04-19-2017, 02:17 AM
WE HAVE BEEN HACKED!

If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...

IGNORE IT

It's a scam.


Thanks,


The (real) Admin :)

flytomars
04-19-2017, 02:46 AM
Damn, lucky I checked here, almost fooled me...

Dave (in MA)
04-19-2017, 03:08 AM
I wonder what the "fix" does if someone falls for it.

If only they would use their powers for Niceness instead of evil.

flytomars
04-19-2017, 03:17 AM
Wait a second,
How do we know that YOU are the real PE and not a hacker? I am getting confused :p

Udi Koomran
04-19-2017, 03:18 AM
You need to make this warning more prominent

AncientChord
04-19-2017, 03:26 AM
Woe, I almost fell for it too. But these days I question anything like that instead of blindly downloading. Glad I did!

Rarebird
04-19-2017, 03:33 AM
I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.

progcd54
04-19-2017, 03:35 AM
The email I received went directly to my "deleted" folder. Not a good sign for sure. I'll bet if you download and install the fix that the supposed virus is there in the download itself. NEVER install an ".exe" file you don't recognize as legit. Also..anyone who had visited in the past "24 months"...seriously...and we are just hearing about it now??? SCAM SCAM SCAM!!!!!

Here's the message:

There was recently a security vulnerability we found in our software. All users that visited within 24 months have been affected. It is known as HTML injections and have put a virus into you PC. We have updated and made a fix. This is a client to remove the affected code 100% and protect you from attacks like these.

This will be required for all members wanting to stay on the forum because of recent security issues.

This file has been scanned for viruses and there is no need to worry about it!

DOWNLOAD HERE>>> """http://sendspace.com/file/8kx8sf[/"""

"""https://www.virustotal.com/en/file/eb8bff16823e6bb79e91db9fb98bb7b0ea11a42ea9a50979f3 ad0c8d0927934b/analysis/1491961464/"""

We are very sorry for the inconvenience but we will be happy to see it that you will come back to ProgressiveEars

Scrotum Scissor
04-19-2017, 03:42 AM
We're gonna find them and make them wish they'D NEVER BEEN BORN!

Harbottle
04-19-2017, 04:05 AM
The hackers ruined Genesis!

lovecraft
04-19-2017, 04:15 AM
A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

Kavus Torabi
04-19-2017, 04:16 AM
I suspected it was a scam but nice to have it clarified!

progcd54
04-19-2017, 04:24 AM
A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

Great observation!!! :)

Chain
04-19-2017, 04:28 AM
Probably a Phil Collins lover

Halmyre
04-19-2017, 04:30 AM
We're gonna find them and make them wish they'D NEVER BEEN BORN!

Yes, we're going to invite them into a R&RHOF topic.

ske
04-19-2017, 05:12 AM
Thanks.

thedunno
04-19-2017, 05:22 AM
But obviously the scammers did get their hands on the progressive ears users database.

Adrian
04-19-2017, 05:33 AM
A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

Yep. Whenever in doubt, consider how poorly the "warning" is written. It will rarely steer you wrong.

Trane
04-19-2017, 05:43 AM
Yup, I also had this and was about to open a thread in the site issue section (someone else did)



You need to make this warning more prominent

My first glance was in the Admin Site Issue forum to see if Sean/Coz/Duncan had posted there


I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.

Exactly, my first reaction was to check the site for confirmation


Yes, we're going to invite them into a R&RHOF topic.

Hey, no need to get ugly and murderous ;)

Zeuhlmate
04-19-2017, 05:50 AM
You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...

Sordel
04-19-2017, 05:58 AM
A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.

Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?

Poisoned Youth
04-19-2017, 06:29 AM
Geez, the depths that Snake Oil Audio will go to get members...



Thanks, Duncan. Hopefully everyone checks here first for clarification.

Poisoned Youth
04-19-2017, 06:33 AM
Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.

Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?

Duncan is your best bet to answer that. The only thing I can surmise from the email is that it referred to me by my user name, which I think help provides a clue. So they may have just used the admin messaging system to send a mass email and not by collecting everyone's data.

Trane
04-19-2017, 06:52 AM
Geez, the depths that Snake Oil Audio will go to get members...

I suppose that's humour and nothing to do with Wallace & Svet getting back at us ;)

Scrotum Scissor
04-19-2017, 07:34 AM
Svet getting back at us

Like, sorta, "Svet's recommendations of progressive rock sites (pick only one!)"?

nycsteve
04-19-2017, 07:40 AM
When I saw this I thought it might be fake, the English was bad.
Mods; can you email your warning to members directly ? It might prevent a costly mistake for some.

Vic2012
04-19-2017, 07:55 AM
As soon as I saw a link and the word "download " I deleted the email. Secondly, I'd find it odd if any moderators emailed me directly.

Firth
04-19-2017, 07:59 AM
I wonder what the "fix" does if someone falls for it.

If only they would use their powers for Niceness instead of evil.

If only we didn't live in the universe we live in.

battema
04-19-2017, 07:59 AM
Honestly, the first thing I thought of was Wallace.

I doubt it was an insider (or banned ex-member) though...an insider might've taken more care to make it seem authentic.

Scrotum Scissor
04-19-2017, 07:59 AM
I'd find it odd if any moderators emailed me directly.

...you don't know what they're capable of... Potentially! :bad



[Now they're coming in the hall, now they're coming up the stairs...]

battema
04-19-2017, 08:02 AM
On the upside...this little mostly-non-incident was a good reminder that I'd not updated my password in quite a while (and that the one I had was pretty vulnerable).

Firth
04-19-2017, 08:05 AM
https://uploads.tapatalk-cdn.com/20170419/4f685213d0cffbfec13c39b913be34fa.jpg

https://uploads.tapatalk-cdn.com/20170419/e06b42646eb07b1d918b229304b4a283.jpg

Supersonic Scientist
04-19-2017, 08:21 AM
Yeah, I woke to the same email and immediately came to PE to verify.

NogbadTheBad
04-19-2017, 08:35 AM
You need to make this warning more prominent

Agreed - this need to be seen by everyone, I guessed it was a scam but was about to write to the admins.

moecurlythanu
04-19-2017, 08:44 AM
I suppose that's humour and nothing to do with Wallace & Svet getting back at us ;)

I haven't looked at Snake Oil Audio this week, but last time I looked in, the Liliputians had tied him to the ground and were lobbing bricks at him. He labeled them all "pigs," and Wally was on his side, but the cretins were ganging up on him.

moecurlythanu
04-19-2017, 08:45 AM
^ "Him" being Svet.

Garyhead
04-19-2017, 08:48 AM
Actually I came right to this sight to read the multi-page-bitch-fest rivaling a yes / genesis thread.... :up :lol

Thanks for looking out for us Uncle Duncan.......

moecurlythanu
04-19-2017, 08:48 AM
Honestly, the first thing I thought of was Wallace.


Wallace doesn't have 1/10 of the computer know-how to pull off a hack and a mass mailing.

Plasmatopia
04-19-2017, 09:06 AM
You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...

Firefox has recently been warning me that the PE login is not secure.

ronmac
04-19-2017, 09:09 AM
You guys really need to e-mail everyone in your database about this. Not everyone is a regular user and you cannot expect them to come to the site and find out it's a scam. (It's not even on your home page.) Be proactive about it. And, yes, you should get an SSL cert for the site.

mon40
04-19-2017, 09:13 AM
Lets be clear though you were hacked. They emailed me at an email address I only use here. As a web developer I use a different email address on every site.

JJ88
04-19-2017, 09:18 AM
Firefox has recently been warning me that the PE login is not secure.
This. Type in 'Progressive Ears' on Google and it actually says 'This site may be hacked'. It is redirecting to something called 'My File Store' if you access the site via Google (which I usually don't anyway)...this was flagged up in the forum long ago and yet nothing changed, it's still doing it now. Worrying.

When I looked this morning (in the UK) after reading this alert there was no e-Mail and now I see I have one, seemingly sent only two and a half hours ago. So is this still going on?

Mister Triscuits
04-19-2017, 09:27 AM
Boy, that Geoff Downes just won't let it go, will he?

trondis23
04-19-2017, 09:31 AM
You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...

Yes, we still get this message:

"Malicious site warning.

This site may be hacked or contain malicious software. Visiting this page may be harmful.

Opera Software strongly discourages visiting this page.

Why was this page blocked?

Reported by Yandex. Our fraud reports are maintained by third-party vendors."

Yandex is a Russian service that also has their own web-browser.

WHORG
04-19-2017, 09:38 AM
Silly me - thinking there was the possibility of porn involved - clicked on the links.

JKL2000
04-19-2017, 09:48 AM
Saw the warnings here, checked and saw the email and moved it to the trash folder. Thanks!

Zalmoxe
04-19-2017, 10:07 AM
WE HAVE BEEN HACKED!

If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...

IGNORE IT

It's a scam.


Thanks,


The (real) Admin :)

But somehow your website got hacked since they've got hold of all our emails!!!

winkersnufs
04-19-2017, 10:26 AM
Good Morning...

First of all - my experience here has been the same as some of this threads comments. I noticed several weeks ago, in blue type, the comment 'This sight may be hacked' when I first Googled ProgressiveEars to get to this sight. When opening the PE sight, I too would get directed to 'Firefox'. My apology for not saying something a while ago. When I went to Progressive FORUMS I did not get re-directed. Thought little of the hack possibility since that discovery.....

This, along with sooooooo much advertising and 'click here' aspects of the modern day sights (sometime just to navigate the cursor is a chore) , has me quite frustrated with the internet at times!

Good to see this scenario being addressed.

Carry On
Chris Buckley

Jerjo
04-19-2017, 10:44 AM
Shit, I'm almost tempted to go to Snake Oil just to see bricks being thrown at Svet. Almost.

I agree that there should be massive email sent to all members just so everyone is aware. Chrome is telling me the site is not secure. Then again it does the same for me on Metafilter, the Hoffman forum, etc.

Yodelgoat
04-19-2017, 10:56 AM
I recall a story, years back of a Russian hacker being discovered and beaten to death with a baseball bat. it was as gruesome a murder as could ever happen. I've quietly wished this death upon every attempted hacker since then.

Thanks for staying on top of this.

reminds me of a few weeks back. My wife got a call from a woman saying she worked for the IRS and they were going to arrest her if she didnt pay them $5000. I took the phone from my wife and said: "yes who am I speaking with?" The voice responded "we are the IRS and you owe 5k in back taxes". I said "This is officer Shrek from the FBI. Please give me your badge number..."

... click.

We had a good laugh. and no repeated calls

battema
04-19-2017, 11:06 AM
Well, was progressivears.org specifically hacked, or was the underlying engine's database compromised?

Yodelgoat
04-19-2017, 11:09 AM
I dont think there is a great deal of info here that they can really use. as long as you dont use the same password on other accounts, I dont see what they can do with an email. What are the risks? I cant think of anything I shared here that isnt a total lie.:lol

lazland
04-19-2017, 11:09 AM
Well, the e mail went straight to the trash, just as every one like it is, but such a breach of security is worrying.

battema
04-19-2017, 11:12 AM
I dont think there is a great deal of info here that they can really use. as long as you dont use the same password on other accounts, I dont see what they can do with an email. What are the risks? I cant think of anything I shared here that isnt a total lie.:lol

It isn't always about what they can steal anymore. What they can do is quietly take control of your PC for other purposes, converting into a "node" in a larger collection of commandeered devices for malicious purposes.

strawberrybrick
04-19-2017, 11:15 AM
Thanks for posting this.

walt
04-19-2017, 11:34 AM
Why should i worry.A very nice man from Nigeria emailed me that i have 20 million dollars coming to me from a bequest and all i have to do is send him a couple of thousand bucks.

Isn't the interwheb wonderful.

Staun
04-19-2017, 11:50 AM
All I want is better scams and better snake oil. The stuff I buy isn't doing the trick. Maybe I should check with my doctor.

Jefferson James
04-19-2017, 11:51 AM
I successfully uploaded the patch (the link took me to a site where the fix was only $15, I used my debit card) and had no problems getting back on PE this morning. It's good to see everyone back!

In other news, I hope to make enough money from an email scam to be able to afford a summer home in Nigeria.

Staun
04-19-2017, 11:51 AM
Why should i worry.A very nice man from Nigeria emailed me that i have 20 million dollars coming to me from a bequest and all i have to do is send him a couple of thousand bucks.

Isn't the interwheb wonderful.I'm still waiting for the couple thousand you know:).

tdotdo
04-19-2017, 11:57 AM
It went straight to my junk folder. Along with all the Viagra ads and two from FedEx telling me about my packages. I'm seem to get dozens of packages a month of things I don't remember ordering. And they all have had problems being delivered. Amazing!

moecurlythanu
04-19-2017, 12:12 PM
Shit, I'm almost tempted to go to Snake Oil just to see bricks being thrown at Svet. Almost.


Svetty has responded by trying to YouTube bomb them back to the Stone Age.

It's mildly entertaining, but in the end, you feel like you just watched a group of handicapped kids throwing down a brawl.

Scrotum Scissor
04-19-2017, 12:13 PM
Why should i worry.A very nice man from Nigeria emailed me that i have 20 million dollars coming to me from a bequest and all i have to do is send him a couple of thousand bucks.

For God's sake don't do it! The Nigerians are fake! The real ones are from Cameroon!

Sean
04-19-2017, 12:17 PM
Svetty has responded by trying to YouTube bomb them back to the Stone Age.

It's mildly entertaining, but in the end, you feel like you just watched a group of handicapped kids throwing down a brawl.

Are you suggesting there's actually members there that discuss...music? Does any worthwhile discussion happen or is it all about the little games the "mods" play?

moecurlythanu
04-19-2017, 12:37 PM
Are you suggesting there's actually members there that discuss...music? Does any worthwhile discussion happen or is it all about the little games the "mods" play?

You wouldn't believe it. It's supposed to be Wallace's Prog-Rock forum, right? Three of the regulars post constantly about how much Prog sucks. One guy who doesn't understand what a genre is argues that anything after 1973 can't be considered Prog-Rock. Not much talk of mods. Those people largely appear to understand that they are rightly forum pariahs, if I read the vibe right.
There's a tiny bit of music discussion, but not much. A lot of posting of silly and/or dirty emoticons. It's like EMR performance art, mostly.

Duncan Glenday
04-19-2017, 01:25 PM
Well, was progressivears.org specifically hacked, or was the underlying engine's database compromised?

HERE"S WHAT"S HAPPENED:

Someone hacked in and somehow managed to get into the email list - and sent an email to all users about a (fake) security issue.

They also posted an "announcement", as well as a "sticky" post on the main board.

A few other things happened that I won't go into here.

We discovered this about 15 minutes after it happened (around 1:00am - lucky I'm an insomniac!), and removed the fake post and the fake announcement. I have emailed the whole user community advising everyone to ignore the spam.

For (hopefully) obvious reasons, I will not go into the fixes I've affected - but I'm working on it, and I'm in touch with our ISP.

In SEPARATE News:

Along with many other vBulletin sites, PE had a minor hack some time ago, in which some browsers are advising that PE has been hacked, and in which Google searches are compromised.

You are not in any danger from that hack, and we're working to remove it (not easy).

In Summary:

1). It's okay to continue to use PE as usual

2). Exercise caution and never click on links that don't pass the "sniff test".

3). CHANGE YOUR PASSWORD!

Gruno
04-19-2017, 02:29 PM
Exercise caution

Wait a sec, pal... now in order to use Progressive Ears we need to exercise???? Now it makes sense why many call this place PE!

Thanks Duncan for doing all you and the other mods do to keep this place running.

mon40
04-19-2017, 02:36 PM
So they have your username and your email address. They probably have your password so you should change your password here and everywhere else that you use that password.

jkelman
04-19-2017, 03:00 PM
A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
As it did yours truly!!! 

ronmac
04-19-2017, 03:58 PM
HERE"S WHAT"S HAPPENED:

I have emailed the whole user community advising everyone to ignore the spam.

I haven't seen it.

Duncan Glenday
04-19-2017, 04:11 PM
I haven't seen it.

Has anyone else seen it? I sent it a few hours ago.

(I'll be honest, though, I've never used the mass email feature before - so I may not have done it correctly :oops )

wideopenears
04-19-2017, 04:13 PM
Haven't seen it, Duncan....

battema
04-19-2017, 04:20 PM
Nor have I :up

Duncan Glenday
04-19-2017, 04:23 PM
I haven't seen it.


Haven't seen it, Duncan....


Nor have I :up

:(

I've just re-sent it...

zravkapt
04-19-2017, 04:25 PM
Thanks for the heads up; good thing I check PE before my e-mail (I actually got one in my spam folder).

However, I didn't get the one from Duncan

Gruno
04-19-2017, 04:48 PM
:(

I've just re-sent it...

The only email I have received is the original hacker email. I have not received any from the actual admins.

Mike D
04-19-2017, 05:01 PM
I haven't gotten an email from admins, though I did get the hacker email. Log- ins are generating a security warning. I don't know if I should change my password until I'm sure there's no threat. Should I decide to delete my account here, I don't see any option to do so. Is there one?

I don't take having my email address stolen lightly. That could cause a lot of trouble.

Duncan Glenday
04-19-2017, 05:15 PM
There is no option to delete your account. An admin needs to do that.

There is no immediate threat. Your email was not seen by the hacker. He simply activated an option in the system - and the system automatically sent messages to the email addresses in the database.

Mike D
04-19-2017, 05:33 PM
Ok, that's a relief re:the email. Is it safe to change passwords? I don't want to delete my account. I just wanted to know the options, so thanks for the answer.

Sean
04-19-2017, 05:43 PM
Duncan, remind everyone what they need to click to get to the part where they reset the password.

Duncan Glenday
04-19-2017, 05:48 PM
Ok, that's a relief re:the email. Is it safe to change passwords? I don't want to delete my account. I just wanted to know the options, so thanks for the answer.

PERFECTLY safe (and strongly recommended) to change your password.

Click "Settings" toward the top right-hand corner of your screen.

A menu of options will appear down the left-hand side of your screen. Scroll down to "Edit Email & Password"...

Mike D
04-19-2017, 05:58 PM
PERFECTLY safe (and strongly recommended) to change your password.

Click "Settings" toward the top right-hand corner of your screen.

A menu of options will appear down the left-hand side of your screen. Scroll down to "Edit Email & Password"...

Thanks again.

Poisoned Youth
04-19-2017, 06:17 PM
FYI I sent a test email this morning and it took about 10 hours to reach my inbox, so it's possible the mass email will come later tonight.

Vic2012
04-19-2017, 06:34 PM
I got the email. Then I decided to change my email address. So I get and email from PE in my new email address to follow the link to complete the process, and my phone starts spazzing out about a virus. :lol. I do all my browsing and posting on my phone using the PE mobile version (not tapatalk. Can't stand tapatalk). Anyway all is well now, I think.

Gruno
04-19-2017, 06:34 PM
Just got the email from Duncan!

walt
04-19-2017, 06:37 PM
Me too.

ronmac
04-19-2017, 06:38 PM
Has anyone else seen it? I sent it a few hours ago.

(I'll be honest, though, I've never used the mass email feature before - so I may not have done it correctly :oops )

I just got it at 5:20 EST.

Don Arnold
04-19-2017, 06:41 PM
The grammar was definitely a big clue that the email was a spam. Also, the email didn't end with.....



Regards,

Duncan

:)


Regards,
Don

Jefferson James
04-19-2017, 06:43 PM
I live in the mountains so things take longer up here, but a guy on mule-back just delivered Duncan's message to my inbox. The frenzy I'd worked myself into this morning over all this madness has now receded into placid, pellucid waters.

Trane
04-19-2017, 07:12 PM
I haven't looked at Snake Oil Audio this week, but last time I looked in, the Liliputians had tied him to the ground and were lobbing bricks at him. He labeled them all "pigs," and Wally was on his side, but the cretins were ganging up on him.

Sounds like the other two posters are Beavis and Butthead


Wallace doesn't have 1/10 of the computer know-how to pull off a hack and a mass mailing.

my thought too


Firefox has recently been warning me that the PE login is not secure.

Along with most forums sites I use... FF has warned me about this for years...


Boy, that Geoff Downes just won't let it go, will he?

My money is on Dale Hauskins of the self-appointed best Swiss prog band (Flame Dream)


Svetty has responded by trying to YouTube bomb them back to the Stone Age.

It's mildly entertaining, but in the end, you feel like you just watched a group of handicapped kids throwing down a brawl.

I wish I had too much time on my hand to witness this

NOT :p


You wouldn't believe it. It's supposed to be Wallace's Prog-Rock forum, right? Three of the regulars post constantly about how much Prog sucks. One guy who doesn't understand what a genre is argues that anything after 1973 can't be considered Prog-Rock. Not much talk of mods. Those people largely appear to understand that they are rightly forum pariahs, if I read the vibe right.
There's a tiny bit of music discussion, but not much. A lot of posting of silly and/or dirty emoticons. It's like EMR performance art, mostly.

So Beavis, Butthead, Svet & Wally... what a crowd :lol


Me too.

Got mine too.

wideopenears
04-19-2017, 07:21 PM
Mine arrived as well, Duncan. Thanks!

Plasmatopia
04-19-2017, 07:30 PM
Along with most forums sites I use... FF has warned me about this for years...


It only started happening to me with a recent Firefox update (say in the last 2-3 weeks), although I only use FF once in a while on my wife's computer. I wasn't really worried about it, just wondered if it was all related somehow.

Vic2012
04-19-2017, 07:31 PM
I live in the mountains so things take longer up here, but a guy on mule-back just delivered Duncan's message to my inbox. The frenzy I'd worked myself into this morning over all this madness has now receded into placid, pellucid waters.

Ba ha ha.....:lol

stevea
04-19-2017, 07:32 PM
This. Type in 'Progressive Ears' on Google and it actually says 'This site may be hacked'. It is redirecting to something called 'My File Store' if you access the site via Google (which I usually don't anyway)...this was flagged up in the forum long ago and yet nothing changed, it's still doing it now. Worrying.


The MyFileStore redirect hack is a known vulnerability of vBulletin and if its present it opens up other attack vectors. I suspect it facilitated this attack.

llanwydd
04-19-2017, 08:16 PM
Yeah, I got mine too. Like everybody else, I came here before downloading anything. I wonder how many people who downloaded the virus would actually come back here and admit it.

Baribrotzer
04-19-2017, 09:19 PM
Honestly, the first thing I thought of was Wallace. I knew right away it wasn't.

If it had been, it would have said something like,

ARRRR, ye lubbers, there be recently a security vulnerability we found in your software. All ye that visited within 24 months have been overhauled by the good ship Snake Oil Audio. We have fired our doughty HTML injections and have put a virus crashing right into the fo'c'sl of you PC.....

proggosaurus
04-19-2017, 09:50 PM
It only started happening to me with a recent Firefox update (say in the last 2-3 weeks), although I only use FF once in a while on my wife's computer. I wasn't really worried about it, just wondered if it was all related somehow.

it's the login form. using one on an insecure page (http) is a known security risk. anyone doing this is vulnerable to an attacker sniffing the network for username/password pairs. many people still choose to use the same pair at multiple sites including their financial institution. the form can also be modified while in transit to give someone more privileges while on site. even a low level hacker can accomplish this. people need to get educated on internet security and wise up. it's no game

moecurlythanu
04-19-2017, 10:15 PM
I wish I had too much time on my hand to witness this

NOT :p


It's a pretty low traffic site. Not much time involved, trust me.

MYSTERIOUS TRAVELLER
04-19-2017, 10:27 PM
We are very sorry for the inconvenience but we will be happy to see it that you will come back to ProgressiveEars

:lol

proggosaurus
04-19-2017, 10:37 PM
Silly me - thinking there was the possibility of porn involved - clicked on the links.

just go to xhamster. they've been seriously flooded with user generated content for months on end now.

Progbear
04-19-2017, 11:16 PM
Click on this extremely fishy Sendspace link? I think not!


Like, sorta, "Svet's recommendations of progressive rock sites (pick only one!)"?

Great minds think alike. “A pathetic attempt by Svetonio at bashing PE after being banned” was my first thought.

Jerjo
04-20-2017, 12:24 AM
I thinking that if someone on PE who's not Internet savvy might actually...ohmygawd, someone do a wellness check on Rand!

Fatoldbloke
04-20-2017, 01:23 AM
How do we know our personal details were not stolen from your site? I have asked to be removed from this site as a security concern. Sad it happened but having had my personal details stolen on Facebook I don't want it to happen again

Dave (in MA)
04-20-2017, 01:31 AM
Did they hack our webcams? Do we need to put on clothes while PEing?

Duncan Glenday
04-20-2017, 01:50 AM
How do we know our personal details were not stolen from your site? I have asked to be removed from this site as a security concern. Sad it happened but having had my personal details stolen on Facebook I don't want it to happen again

You have no personal details on this site, except for your email address, which the hacker did not see.

Please confirm if you want me to delete your account.

Duncan Glenday
04-20-2017, 01:51 AM
Did they hack our webcams? Do we need to put on clothes while PEing?

PLEASE put clothes on! I'm tired of hacking your webcam and seeing ... that! :rofl

DoubleDrummer
04-20-2017, 09:04 AM
I got that email message and just assumed it was Steve Howe all pissed off about the way we talk about him here at PE.

Poisoned Youth
04-20-2017, 09:26 AM
You have no personal details on this site, except for your email address, which the hacker did not see.

Yes, it's important to get the facts straight. All you need to join PE is to have an email address and log in password. Most people:

- Don't share personal information on PE
- Use an alias for their username
- Don't use a picture of themselves for their avatar

And having your email address alone is less "harmless" as someone having your phone number (which is often given without you knowing from otherwise reputable businesses).

The best advice that someone can give for PE if someone does obtain your email address is to change your password here at PE and not to use passwords here that you also use with online banking or retailers like Amazon.

Moribund
04-20-2017, 09:34 AM
I'm glad this is straightened out because I'm one of the members wanting to stay on this forum.

On a serious note - Thanks to Duncan and team for being right on top of this thing. As a very frequent reader of this forum (and occasional poster), I really enjoy this place. Much appreciation.

progeezer
04-20-2017, 10:06 AM
I got Duncan's email hours before I got the phony email. Good thing, since I am the antithesis of internet savvy.

Zeuhlmate
04-20-2017, 12:32 PM
You can always make a pseudonym email at gmail (a.o) and use it just for this one or another purpose.

Interstellar
04-20-2017, 02:29 PM
Thanks indeed for quickly addressing this situation.

Now we have to find out who really is behind the problem.
There is an impressive list of suspects.

Brian Lane
Geoff Downes
Billy Sherwood
Ahmet Zappa
Jon Anderson's Dark Aspect
Regressive Ears
The Post Neo Mathcore Underground Army
Kanye West
The Birotron Appreciation Society
Lars Ulrich
The Secret Order For the Elimination Of Yes Threads
The Secret Order Against the Elimination Of Threads
Tony Banks' "Joker" Aspect

... we'll probably never know.

Plasmatopia
04-20-2017, 02:59 PM
^^^Awesome! Is "Jon Anderson's Dark Aspect" already taken as a band name? Bummer if it is...lol....

moecurlythanu
04-20-2017, 03:58 PM
^ That's some railroad lingo there.

Big Ears
04-20-2017, 04:53 PM
Firefox told me to change my password for this site. How did they know? Anyway, I did change my password.

NogbadTheBad
04-20-2017, 05:08 PM
They know everything, they can tell you when to change your underpants.

walt
04-20-2017, 05:09 PM
They know when you've been sleeping, they know when you're awake.....

Plasmatopia
04-20-2017, 05:14 PM
They know everything, they can tell you when to change your underpants.

That must be the reason for dropping your pants during a reboot.

Jerjo
04-20-2017, 05:17 PM
Do they know if you're not wearing underpants? :O

Duncan Glenday
04-20-2017, 05:23 PM
Do they know if you're not wearing underpants? :O

No, but I do.

I regularly hack into your PC's webcam ... and I know what you do when you're alone! :bad

LOL

Seriously, though - I have a high-tech system to stop webcam hacking. It's one inch of electrical tape!

walt
04-20-2017, 05:27 PM
They know everything, they can tell you when to change your underpants.

The hell with underpants, and let the chips fall where they may.

stevea
04-20-2017, 06:06 PM
Seriously, though - I have a high-tech system to stop webcam hacking. It's one inch of electrical tape!

You only need an inch? ;)

Dave (in MA)
04-20-2017, 06:24 PM
The hell with underpants, and let the chips fall where they may.

You don't even need pants for that problem.

http://eventsnews.info/wp-content/uploads/2015/12/gazou00436.jpg

MYSTERIOUS TRAVELLER
04-20-2017, 07:43 PM
Has anyone else seen it? I sent it a few hours ago.

(I'll be honest, though, I've never used the mass email feature before - so I may not have done it correctly :oops )

I got it yesterday

Gruno
04-20-2017, 08:23 PM
I got it yesterday

Oh my! See a doctor and get rid of it!!

Trane
04-20-2017, 08:24 PM
Seriously, though - I have a high-tech system to stop webcam hacking. It's one inch of electrical tape!

First thing I did on my new laptop, even before I plugged in

Only take it off when I skype (which isn't often)

Poisoned Youth
04-20-2017, 08:34 PM
Only take it off when I skype (which isn't often)
Kinky...

Trane
04-20-2017, 08:44 PM
Kinky...

Didn't see that one coming... 10240

Gruno
04-20-2017, 10:25 PM
Didn't see that one coming...

That's not what Duncan told us.

Superfly
04-20-2017, 10:55 PM
I knew the original e-mail was bogus right from the start, I'm just surprised it didn't land in the junk folder. Hats off to the admins here for the quick response. You guys are great.

Firth
04-21-2017, 10:04 AM
Thanks Duncan[emoji6]Now I can't login in on the website. I tried to change my password using Safari's password suggestion and I thought it had taken it. Then after attempting to login it doesn't recognize it. I can't message the admin from the page either. But I think I am posting here. I say dump the webpage or move it to something that is modern enough to handle the most secure passwords which require special characters, numbers, and upper and lower case characters.

Firth
04-21-2017, 10:07 AM
Thanks Duncan[emoji6]Now I can't login in on the website. I tried to change my password using Safari's password suggestion and I thought it had taken it. Then after attempting to login it doesn't recognize it. I can't message the admin from the page either. But I think I am posting here. I say dump the webpage or move it to something that is modern enough to handle the most secure passwords which require special characters, numbers, and upper and lower case characters.

Ignore that post ^^^^^^

Firth
04-21-2017, 10:11 AM
Ignore that post ^^^^^^

So my attempt to login was with email instead of the screen name as username. Good thing Safar saved a previous password with the email username. It also saved the newer one with the Screenname. Now the screen name is associated with the correct password in Safari. Wew👍

Vic2012
04-21-2017, 10:21 AM
Just got an email with subject line.....Find Out What Russian Girls Really Want.

Been getting a lot of Russian spam in the last few weeks.....:rofl

Duncan Glenday
04-21-2017, 11:24 AM
Just got an email with subject line.....Find Out What Russian Girls Really Want.


And, what DO they want?

Vic2012
04-21-2017, 11:32 AM
Something I'm sure I ain't got.....:rofl

battema
04-21-2017, 11:32 AM
Probably to congratulate us on the USSR/US merger currently in progress...






[self-reported]
[not really that sorry]
[can't wait to wrestle my first bear]

NogbadTheBad
04-21-2017, 11:51 AM
And, what DO they want?

An Oligarch with a low life expectancy.

Plasmatopia
04-21-2017, 12:17 PM
And, what DO they want?

A hotel room and a client who brings his own plastic sheets.

walt
04-21-2017, 12:19 PM
They want to keel moose and keel squirrel.

Firth
04-21-2017, 01:56 PM
They don't want rubles[emoji848]

Enid
04-23-2017, 01:38 AM
I ignore all emails , am anti social with humans, have paid a fee to have my name changed, lost 65 pounds on a Zen diet and have changed my appearance making it very difficult for those who did know me to reconize me. It feels like I'm born again. You should try it sometime.

Kai
04-24-2017, 04:48 AM
I ignore all emails , am anti social with humans, have paid a fee to have my name changed, lost 65 pounds on a Zen diet and have changed my appearance making it very difficult for those who did know me to reconize me. It feels like I'm born again. You should try it sometime.

If I lost 30 kgs, I would quite probably be dead. So being born again would be a requirement.

Enid
04-24-2017, 10:09 AM
If I lost 30 kgs, I would quite probably be dead. So being born again would be a requirement.

Lol!

benbell
06-02-2017, 12:52 PM
You have no personal details on this site, except for your email address, which the hacker did not see.

I'm not sure this is the case. The email address I use for Progressive Ears was generated specifically for it and has never been given to anyone else. It had only received my sign up and validation mails before the hack. Since the hack it's started to receive spam. There's no way other than via Progressive Ears that this address could have been discovered so I'm afraid I think the hackers got more data than you think.

Scott Bails
06-02-2017, 03:00 PM
I'm not sure this is the case. The email address I use for Progressive Ears was generated specifically for it and has never been given to anyone else. It had only received my sign up and validation mails before the hack. Since the hack it's started to receive spam. There's no way other than via Progressive Ears that this address could have been discovered so I'm afraid I think the hackers got more data than you think.

If I'm reading correctly, they got your e-mail address and probably sold it. So, they didn't get any more data than Duncan described.

Don Arnold
06-02-2017, 07:55 PM
If I'm reading correctly, they got your e-mail address and probably sold it. So, they didn't get any more data than Duncan described.

I read Duncan's message as the hacker "didn't see" our email addresses, but benbell is suggesting the hackers may have seen them. I've also noticed an increase in spam in recent weeks where I'd rarely get any before. I'm not asserting Duncan is incorrect though.

Kai
06-20-2017, 07:34 AM
I read Duncan's message as the hacker "didn't see" our email addresses, but benbell is suggesting the hackers may have seen them. I've also noticed an increase in spam in recent weeks where I'd rarely get any before. I'm not asserting Duncan is incorrect though.

I have to agree with this. I never received spam on the email address I use for this site before the hack took place.

Zeuhlmate
06-20-2017, 08:13 AM
Best antispam system I know of - free version for 1 account is great

http://www.mailwasher.net/

tom unbound
06-24-2017, 11:10 PM
Mr. EZ Peters
US Embassy
William Howell
Mr. Rose Joseph
Merle Butler
Mrs Rose Julaha
Mrs Njide Adice
Dr Kenneth
Dr Terry

and F.B.I. Head Office


sound familiar ????

roylayer
06-25-2017, 01:50 PM
I got spam from at least some of them too. Fortunately, Gmail trapped all of them with its spam filter.

Gruno
06-25-2017, 06:14 PM
Mr. EZ Peters
US Embassy


I got the ones above in spam and also these:

Crystal Travis
Dean Lambert
Benita Gilliam
Jeremy Howe
Ross Keith
armando Harper
Long McLaughlin
Gaylord McFadden
Tania Hobbs
Shawna Cox
Loraine Blanchard
Logan Alvarez
Kate Ryan
Kim Rasmussen
Victoria Bell
Veronica Soto
Leigh Bullock
Roberto Franklin
Truman Roy
Aaron Michael

Progtastic
12-06-2017, 04:28 PM
I was checking to see if my e-mail address was known anywhere on the internet and got only one hit, a file that contains all the PE user data that was hacked. My email got almost no spam until after the hack, I now get dozens per day

File host: https://publicdbhost.dmca.gripe/random/vbulletindump/progressiveears.org-vb-2017.txt

There is also a copy of it hosted here: http://archive.is/xMObZ

From that it is clear that only the PE username and email address were compromised, the password data appears to be encrypted/hashed and would could not be extracted.

I have no idea if the files can be removed.

Gruno
12-06-2017, 05:57 PM
Thanks for the update on that. Interesting....