Page 1 of 6 123456 LastLast
Results 1 to 25 of 153

Thread: IGNORE Any Posts Or Emails Titled : Critical Security Vulnerability

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Moderator Duncan Glenday's Avatar
    Join Date
    Apr 2003
    Location
    Frederick, MD
    Posts
    759

    IGNORE Any Posts Or Emails Titled : Critical Security Vulnerability

    WE HAVE BEEN HACKED!

    If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...

    IGNORE IT

    It's a scam.


    Thanks,


    The (real) Admin
    Last edited by Duncan Glenday; 04-19-2017 at 03:30 AM.
    Regards,

    Duncan

  2. #2
    Damn, lucky I checked here, almost fooled me...

  3. #3
    Banned Dave (in MA)'s Avatar
    Join Date
    Nov 2012
    Location
    42°09′30″N 71°08′43″W
    Posts
    2,861
    I wonder what the "fix" does if someone falls for it.

    If only they would use their powers for Niceness instead of evil.

  4. #4
    Member Firth's Avatar
    Join Date
    Nov 2012
    Location
    Severn, MD
    Posts
    2,778
    Quote Originally Posted by Dave (in MA) View Post
    I wonder what the "fix" does if someone falls for it.

    If only they would use their powers for Niceness instead of evil.
    If only we didn't live in the universe we live in.
    Art is parasitic on life, just as criticism is parasitic on art.
    Harry S Truman

  5. #5
    Wait a second,
    How do we know that YOU are the real PE and not a hacker? I am getting confused

  6. #6
    You need to make this warning more prominent

  7. #7
    I'm here for the moosic NogbadTheBad's Avatar
    Join Date
    Nov 2012
    Location
    Boston
    Posts
    5,775
    Quote Originally Posted by Udi Koomran View Post
    You need to make this warning more prominent
    Agreed - this need to be seen by everyone, I guessed it was a scam but was about to write to the admins.
    Ian

    I blame Wynton, what was the question?
    There are only 10 types of people in the World, those who understand binary and those that don't.

  8. #8
    Member AncientChord's Avatar
    Join Date
    Nov 2012
    Location
    Mojave Desert
    Posts
    268
    Woe, I almost fell for it too. But these days I question anything like that instead of blindly downloading. Glad I did!
    Day dawns dark...it now numbers infinity.

  9. #9
    I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.

  10. #10
    The email I received went directly to my "deleted" folder. Not a good sign for sure. I'll bet if you download and install the fix that the supposed virus is there in the download itself. NEVER install an ".exe" file you don't recognize as legit. Also..anyone who had visited in the past "24 months"...seriously...and we are just hearing about it now??? SCAM SCAM SCAM!!!!!

    Here's the message:

    There was recently a security vulnerability we found in our software. All users that visited within 24 months have been affected. It is known as HTML injections and have put a virus into you PC. We have updated and made a fix. This is a client to remove the affected code 100% and protect you from attacks like these.

    This will be required for all members wanting to stay on the forum because of recent security issues.

    This file has been scanned for viruses and there is no need to worry about it!

    DOWNLOAD HERE>>> """http://sendspace.com/file/8kx8sf[/"""

    """https://www.virustotal.com/en/file/eb8bff16823e6bb79e91db9fb98bb7b0ea11a42ea9a50979f3 ad0c8d0927934b/analysis/1491961464/"""

    We are very sorry for the inconvenience but we will be happy to see it that you will come back to ProgressiveEars

  11. #11
    Member
    Join Date
    Nov 2012
    Location
    Portland, OR, USA
    Posts
    1,479
    Quote Originally Posted by battema View Post
    Honestly, the first thing I thought of was Wallace.
    I knew right away it wasn't.

    If it had been, it would have said something like,

    ARRRR, ye lubbers, there be recently a security vulnerability we found in your software. All ye that visited within 24 months have been overhauled by the good ship Snake Oil Audio. We have fired our doughty HTML injections and have put a virus crashing right into the fo'c'sl of you PC.....

  12. #12
    We're gonna find them and make them wish they'D NEVER BEEN BORN!
    "Improvisation is not an excuse for musical laziness" - Fred Frith
    "[...] things that we never dreamed of doing in Crimson or in any band that I've been in," - Tony Levin speaking of SGM

  13. #13
    Quote Originally Posted by Scrotum Scissor View Post
    We're gonna find them and make them wish they'D NEVER BEEN BORN!
    Yes, we're going to invite them into a R&RHOF topic.

  14. #14
    That's Mr. to you, Sir!! Trane's Avatar
    Join Date
    Mar 2004
    Location
    in a cosmic jazzy-groove around Brussels
    Posts
    3,666
    Yup, I also had this and was about to open a thread in the site issue section (someone else did)


    Quote Originally Posted by Udi Koomran View Post
    You need to make this warning more prominent
    My first glance was in the Admin Site Issue forum to see if Sean/Coz/Duncan had posted there

    Quote Originally Posted by Rarebird View Post
    I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.
    Exactly, my first reaction was to check the site for confirmation

    Quote Originally Posted by Halmyre View Post
    Yes, we're going to invite them into a R&RHOF topic.
    Hey, no need to get ugly and murderous
    my music collection increased tenfolds when I switched from drug-addicts to complete nutcases.

  15. #15
    Member
    Join Date
    Nov 2012
    Location
    Coventry, UK
    Posts
    108
    The hackers ruined Genesis!

  16. #16
    Member
    Join Date
    Nov 2012
    Location
    Isle of Bute
    Posts
    142
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

  17. #17
    Quote Originally Posted by lovecraft View Post
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
    Great observation!!!

  18. #18
    Member Adrian's Avatar
    Join Date
    Nov 2012
    Location
    Seattle-ish
    Posts
    15
    Quote Originally Posted by lovecraft View Post
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
    Yep. Whenever in doubt, consider how poorly the "warning" is written. It will rarely steer you wrong.

  19. #19
    Quote Originally Posted by lovecraft View Post
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
    Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.

    Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?

  20. #20
    Moderator Poisoned Youth's Avatar
    Join Date
    Feb 2002
    Location
    Nothern Virginia, USA
    Posts
    1,945
    Quote Originally Posted by Sordel View Post
    Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.

    Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?
    Duncan is your best bet to answer that. The only thing I can surmise from the email is that it referred to me by my user name, which I think help provides a clue. So they may have just used the admin messaging system to send a mass email and not by collecting everyone's data.
    Last edited by Poisoned Youth; 04-19-2017 at 06:47 AM.
    WANTED: Sig-worthy quote.

  21. #21
    Quote Originally Posted by lovecraft View Post
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
    As it did yours truly!!! 
    John Kelman
    Senior Contributor, All About Jazz since 2004
    Freelance writer/photographer

  22. #22
    I suspected it was a scam but nice to have it clarified!

  23. #23
    LinkMan Chain's Avatar
    Join Date
    Nov 2012
    Location
    Townsville, Australia
    Posts
    156
    Probably a Phil Collins lover
    “Pleasure and pain can be experienced simultaneously,” she said, gently massaging my back as we listened to her Coldplay CD.

  24. #24

  25. #25
    Member thedunno's Avatar
    Join Date
    Nov 2012
    Location
    Netherlands
    Posts
    948
    But obviously the scammers did get their hands on the progressive ears users database.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •