WE HAVE BEEN HACKED!
If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...
IGNORE IT
It's a scam.
Thanks,
The (real) Admin
WE HAVE BEEN HACKED!
If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...
IGNORE IT
It's a scam.
Thanks,
The (real) Admin
Last edited by Duncan Glenday; 04-19-2017 at 02:30 AM.
Regards,
Duncan
I wonder what the "fix" does if someone falls for it.
If only they would use their powers for Niceness instead of evil.
Wait a second,
How do we know that YOU are the real PE and not a hacker? I am getting confused
You need to make this warning more prominent
Ian
Host of the Post-Avant Jazzcore Happy Hour on progrock.com
https://podcasts.progrock.com/post-a...re-happy-hour/
Gordon Haskell - "You've got to keep the groove in your head and play a load of bollocks instead"
I blame Wynton, what was the question?
There are only 10 types of people in the World, those who understand binary and those that don't.
Woe, I almost fell for it too. But these days I question anything like that instead of blindly downloading. Glad I did!
Day dawns dark...it now numbers infinity.
I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.
The email I received went directly to my "deleted" folder. Not a good sign for sure. I'll bet if you download and install the fix that the supposed virus is there in the download itself. NEVER install an ".exe" file you don't recognize as legit. Also..anyone who had visited in the past "24 months"...seriously...and we are just hearing about it now??? SCAM SCAM SCAM!!!!!
Here's the message:
There was recently a security vulnerability we found in our software. All users that visited within 24 months have been affected. It is known as HTML injections and have put a virus into you PC. We have updated and made a fix. This is a client to remove the affected code 100% and protect you from attacks like these.
This will be required for all members wanting to stay on the forum because of recent security issues.
This file has been scanned for viruses and there is no need to worry about it!
DOWNLOAD HERE>>> """http://sendspace.com/file/8kx8sf[/"""
"""https://www.virustotal.com/en/file/eb8bff16823e6bb79e91db9fb98bb7b0ea11a42ea9a50979f3 ad0c8d0927934b/analysis/1491961464/"""
We are very sorry for the inconvenience but we will be happy to see it that you will come back to ProgressiveEars
I knew right away it wasn't.
If it had been, it would have said something like,
ARRRR, ye lubbers, there be recently a security vulnerability we found in your software. All ye that visited within 24 months have been overhauled by the good ship Snake Oil Audio. We have fired our doughty HTML injections and have put a virus crashing right into the fo'c'sl of you PC.....
We're gonna find them and make them wish they'D NEVER BEEN BORN!
"Improvisation is not an excuse for musical laziness" - Fred Frith
"[...] things that we never dreamed of doing in Crimson or in any band that I've been in," - Tony Levin speaking of SGM
Yup, I also had this and was about to open a thread in the site issue section (someone else did)
My first glance was in the Admin Site Issue forum to see if Sean/Coz/Duncan had posted there
Exactly, my first reaction was to check the site for confirmation
Hey, no need to get ugly and murderous
my music collection increased tenfolds when I switched from drug-addicts to complete nutcases.
The hackers ruined Genesis!
A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.
Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?
Duncan is your best bet to answer that. The only thing I can surmise from the email is that it referred to me by my user name, which I think help provides a clue. So they may have just used the admin messaging system to send a mass email and not by collecting everyone's data.
Last edited by Poisoned Youth; 04-19-2017 at 05:47 AM.
WANTED: Sig-worthy quote.
I suspected it was a scam but nice to have it clarified!
Probably a Phil Collins lover
“Pleasure and pain can be experienced simultaneously,” she said, gently massaging my back as we listened to her Coldplay CD.
Thanks.
---------------------
https://skeskeskeskeske.bandcamp.com/
https://www.facebook.com/skegroup
https://notagoodsign.bandcamp.com
https://www.facebook.com/notagoodsign
---------------------------------------
But obviously the scammers did get their hands on the progressive ears users database.
Bookmarks