Page 1 of 7 12345 ... LastLast
Results 1 to 25 of 153

Thread: IGNORE Any Posts Or Emails Titled : Critical Security Vulnerability

  1. #1
    Moderator Duncan Glenday's Avatar
    Join Date
    Apr 2003
    Location
    Frederick, MD
    Posts
    2,090

    IGNORE Any Posts Or Emails Titled : Critical Security Vulnerability

    WE HAVE BEEN HACKED!

    If you get an email, or see any post from "Admin" telling you to follow a link to fix a security vulnerability ...

    IGNORE IT

    It's a scam.


    Thanks,


    The (real) Admin
    Last edited by Duncan Glenday; 04-19-2017 at 02:30 AM.
    Regards,

    Duncan

  2. #2
    Damn, lucky I checked here, almost fooled me...

  3. #3
    Parrots Ripped My Flesh Dave (in MA)'s Avatar
    Join Date
    Nov 2012
    Location
    42°09′30″N 71°08′43″W
    Posts
    6,262
    I wonder what the "fix" does if someone falls for it.

    If only they would use their powers for Niceness instead of evil.

  4. #4
    Wait a second,
    How do we know that YOU are the real PE and not a hacker? I am getting confused

  5. #5
    You need to make this warning more prominent

  6. #6
    Member AncientChord's Avatar
    Join Date
    Nov 2012
    Location
    Mojave Desert
    Posts
    526
    Woe, I almost fell for it too. But these days I question anything like that instead of blindly downloading. Glad I did!
    Day dawns dark...it now numbers infinity.

  7. #7
    I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.

  8. #8
    The email I received went directly to my "deleted" folder. Not a good sign for sure. I'll bet if you download and install the fix that the supposed virus is there in the download itself. NEVER install an ".exe" file you don't recognize as legit. Also..anyone who had visited in the past "24 months"...seriously...and we are just hearing about it now??? SCAM SCAM SCAM!!!!!

    Here's the message:

    There was recently a security vulnerability we found in our software. All users that visited within 24 months have been affected. It is known as HTML injections and have put a virus into you PC. We have updated and made a fix. This is a client to remove the affected code 100% and protect you from attacks like these.

    This will be required for all members wanting to stay on the forum because of recent security issues.

    This file has been scanned for viruses and there is no need to worry about it!

    DOWNLOAD HERE>>> """http://sendspace.com/file/8kx8sf[/"""

    """https://www.virustotal.com/en/file/eb8bff16823e6bb79e91db9fb98bb7b0ea11a42ea9a50979f3 ad0c8d0927934b/analysis/1491961464/"""

    We are very sorry for the inconvenience but we will be happy to see it that you will come back to ProgressiveEars

  9. #9
    We're gonna find them and make them wish they'D NEVER BEEN BORN!
    "Improvisation is not an excuse for musical laziness" - Fred Frith
    "[...] things that we never dreamed of doing in Crimson or in any band that I've been in," - Tony Levin speaking of SGM

  10. #10
    Member
    Join Date
    Nov 2012
    Location
    Coventry, UK
    Posts
    247
    The hackers ruined Genesis!

  11. #11
    Member
    Join Date
    Nov 2012
    Location
    Isle of Bute
    Posts
    450
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....

  12. #12
    I suspected it was a scam but nice to have it clarified!

  13. #13
    Quote Originally Posted by lovecraft View Post
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
    Great observation!!!

  14. #14
    LinkMan Chain's Avatar
    Join Date
    Nov 2012
    Location
    Townsville, Australia
    Posts
    163
    Probably a Phil Collins lover
    “Pleasure and pain can be experienced simultaneously,” she said, gently massaging my back as we listened to her Coldplay CD.

  15. #15
    Quote Originally Posted by Scrotum Scissor View Post
    We're gonna find them and make them wish they'D NEVER BEEN BORN!
    Yes, we're going to invite them into a R&RHOF topic.

  16. #16

  17. #17
    Member thedunno's Avatar
    Join Date
    Nov 2012
    Location
    Netherlands
    Posts
    2,119
    But obviously the scammers did get their hands on the progressive ears users database.

  18. #18
    Quote Originally Posted by lovecraft View Post
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
    Yep. Whenever in doubt, consider how poorly the "warning" is written. It will rarely steer you wrong.

  19. #19
    That's Mr. to you, Sir!! Trane's Avatar
    Join Date
    Mar 2004
    Location
    in a cosmic jazzy-groove around Brussels
    Posts
    6,091
    Yup, I also had this and was about to open a thread in the site issue section (someone else did)


    Quote Originally Posted by Udi Koomran View Post
    You need to make this warning more prominent
    My first glance was in the Admin Site Issue forum to see if Sean/Coz/Duncan had posted there

    Quote Originally Posted by Rarebird View Post
    I didn't fall for it. I never download something, just because some e-mail tells me so. I first look at the website.
    Exactly, my first reaction was to check the site for confirmation

    Quote Originally Posted by Halmyre View Post
    Yes, we're going to invite them into a R&RHOF topic.
    Hey, no need to get ugly and murderous
    my music collection increased tenfolds when I switched from drug-addicts to complete nutcases.

  20. #20
    Member Zeuhlmate's Avatar
    Join Date
    Nov 2012
    Location
    Copenhagen, Denmark
    Posts
    7,261
    You should also always be alerted when the download link doesnt match progressiveears.org but is going somewhere else.

    BUT there must be some kind of vulnerabilty, since the Opera browser warns you that progressiveears.org has a problem...

  21. #21
    Quote Originally Posted by lovecraft View Post
    A soon as you read it, the fact that English is not this persons first language, makes it dead giveaway. Some of the grammar would make my wife apoplectic with rage....
    Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.

    Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?

  22. #22
    Moderator Poisoned Youth's Avatar
    Join Date
    Feb 2002
    Location
    Nothern Virginia, USA
    Posts
    3,022
    Geez, the depths that Snake Oil Audio will go to get members...



    Thanks, Duncan. Hopefully everyone checks here first for clarification.
    WANTED: Sig-worthy quote.

  23. #23
    Moderator Poisoned Youth's Avatar
    Join Date
    Feb 2002
    Location
    Nothern Virginia, USA
    Posts
    3,022
    Quote Originally Posted by Sordel View Post
    Yes, it's strange to me that these people are so skilled at hacking yet don't get anyone to check their English. To be honest, it will be very difficult to tell a scan like this from a real warning if they put more work into the body text.

    Can the admins here work out whether the hackers got just the user emails or did they get login passwords as well?
    Duncan is your best bet to answer that. The only thing I can surmise from the email is that it referred to me by my user name, which I think help provides a clue. So they may have just used the admin messaging system to send a mass email and not by collecting everyone's data.
    Last edited by Poisoned Youth; 04-19-2017 at 05:47 AM.
    WANTED: Sig-worthy quote.

  24. #24
    That's Mr. to you, Sir!! Trane's Avatar
    Join Date
    Mar 2004
    Location
    in a cosmic jazzy-groove around Brussels
    Posts
    6,091
    Quote Originally Posted by Poisoned Youth View Post
    Geez, the depths that Snake Oil Audio will go to get members...
    I suppose that's humour and nothing to do with Wallace & Svet getting back at us
    my music collection increased tenfolds when I switched from drug-addicts to complete nutcases.

  25. #25
    Quote Originally Posted by Trane View Post
    Svet getting back at us
    Like, sorta, "Svet's recommendations of progressive rock sites (pick only one!)"?
    "Improvisation is not an excuse for musical laziness" - Fred Frith
    "[...] things that we never dreamed of doing in Crimson or in any band that I've been in," - Tony Levin speaking of SGM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •