Reporting spam

Off topic discussion zone.

Moderators: winston, another_commander, Cody

User avatar
imipak
Above Average
Above Average
Posts: 31
Joined: Sun Sep 25, 2005 9:54 pm
Location: Portland, OR
Contact:

On the miniscule possibility nobody has noticed...

Post by imipak »

...the boards are being spam-flooded with a link that tries to install a Windows executable. Which is odd, as I'd expect 99% of everyone here to use Macs or Linux.

In either case, I hereby petition the GalCops to classify the originating offender as a Fugitive, but would still like to know if the trojan is being used to add more spam to the boards through compromised accounts (browser defect) or if it's a server glitch that is being exploited.

(This is important. If it's the former, then as soon as those individuals clean their systems and change their passwords, things'll be fine. If it's a system problem, and that's why we're seeing so many different "users" posting, then everyone should treat their password as compromised and change it as soon as the problem is fixed.)
User avatar
Magus Zeal
Above Average
Above Average
Posts: 24
Joined: Sun Feb 18, 2007 8:48 am
Contact:

Post by Magus Zeal »

Unfortunatly, Killer Wolf, the only one who has the power to install that sort of stuff is not available right now. He'd have to be contacted personally then step in to do this.

I plan on taking the spammer's tools away. These spammers are from zombies, and all I have to do is send some sanctions to the ISPs of the zombies and there goes their service. Then I can (try) to complain to the hosting company of the "websites" and see if I can get them shut down -- but they're located in the Ukraine, which might mean my complaints would get laughed at.
User avatar
Uncle Reno
---- E L I T E ----
---- E L I T E ----
Posts: 648
Joined: Mon Apr 24, 2006 12:54 pm
Location: UK

Post by Uncle Reno »

"Get back or I unleash my lethal spotted batoid!!"

What I do when not reading the Oolite bulletin board!
User avatar
Killer Wolf
---- E L I T E ----
---- E L I T E ----
Posts: 2278
Joined: Tue Jan 02, 2007 12:38 pm

Post by Killer Wolf »

Magus Zeal wrote:
Unfortunatly, Killer Wolf, the only one who has the power to install that sort of stuff is not available right now. He'd have to be contacted personally then step in to do this.

I plan on taking the spammer's tools away. These spammers are from zombies, and all I have to do is send some sanctions to the ISPs of the zombies and there goes their service. Then I can (try) to complain to the hosting company of the "websites" and see if I can get them shut down -- but they're located in the Ukraine, which might mean my complaints would get laughed at.
ah, ok. i thought mebbes a few of the admin types who delete the posts would be able to alter settings etc.
the board on my side (by boardstogo) introduced the security word thing for posts, where you have to type in a random code generated by the board, had a search on php but i couldn't see any MODs like this, sadly :-(

anyways, cheers in advance for anything you manage to do to cut down this rubbish :-)
User avatar
TGHC
---- E L I T E ----
---- E L I T E ----
Posts: 2157
Joined: Mon Jan 31, 2005 4:16 pm
Location: Berkshire, UK

Post by TGHC »

What are the spammers trying to achieve, is it to get your personal details or something?
The Grey Haired Commander has spoken!
OK so I'm a PC user - "you know whats scary? Out of billions of sperm I was the fastest"
User avatar
Uncle Reno
---- E L I T E ----
---- E L I T E ----
Posts: 648
Joined: Mon Apr 24, 2006 12:54 pm
Location: UK

Post by Uncle Reno »

:roll:
Yet another bot that has posted lots of spam
https://bb.oolite.space/profile.php?mode ... ile&u=1612
"Get back or I unleash my lethal spotted batoid!!"

What I do when not reading the Oolite bulletin board!
User avatar
Killer Wolf
---- E L I T E ----
---- E L I T E ----
Posts: 2278
Joined: Tue Jan 02, 2007 12:38 pm

Post by Killer Wolf »

christ wept, they're working overtime today >:-( every time i come back there's like a dozen more posts.
scum.
User avatar
Captain Hesperus
Grand High Clock-Tower Poobah
Grand High Clock-Tower Poobah
Posts: 2310
Joined: Tue Sep 19, 2006 1:10 pm
Location: Anywhere I can sell Trumbles.....

Post by Captain Hesperus »

https://bb.oolite.space/profile.php? ... ile&u=1613
For what it's worth. He'll probably be back two minutes after he's deleted.
:sigh:

<P.S.> here's his crap.
https://bb.oolite.space/viewtopic.ph ... ght=#31710

Captain Hesperus
"Despondancy is a crack sniper with a loaded rifle and ammo to spare in a high tower that, unbeknownst to him, has had all the uppermost windows bricked up to prevent pigeons getting in."
User avatar
JensAyton
Grand Admiral Emeritus
Grand Admiral Emeritus
Posts: 6657
Joined: Sat Apr 02, 2005 2:43 pm
Location: Sweden
Contact:

Post by JensAyton »

Killer Wolf wrote:
had a bit more trawl of php, maybe a mod/admin could scope these out??

TIPS
Set activation to 'user' or 'admin'
Already got that.
Killer Wolf wrote:
Enable visual confirmation
Already got that.
Killer Wolf wrote:
Disable guest posting
Already got that.
Killer Wolf wrote:
MODS
Looking into those.
User avatar
JensAyton
Grand Admiral Emeritus
Grand Admiral Emeritus
Posts: 6657
Joined: Sat Apr 02, 2005 2:43 pm
Location: Sweden
Contact:

Re: On the miniscule possibility nobody has noticed...

Post by JensAyton »

imipak wrote:
...the boards are being spam-flooded with a link that tries to install a Windows executable. Which is odd, as I'd expect 99% of everyone here to use Macs or Linux.

In either case, I hereby petition the GalCops to classify the originating offender as a Fugitive, but would still like to know if the trojan is being used to add more spam to the boards through compromised accounts (browser defect) or if it's a server glitch that is being exploited.
Neither. The bots are registering new accounts and using those. The only defences stock phpBB has are e-mail confirmation (not a problem with so many free e-mail hosts) and a weak CAPTCHA.

As for the Windows executable, there’s no oddness. The botnets don’t care what the board is about, they just look for phpBBs.
User avatar
Captain Hesperus
Grand High Clock-Tower Poobah
Grand High Clock-Tower Poobah
Posts: 2310
Joined: Tue Sep 19, 2006 1:10 pm
Location: Anywhere I can sell Trumbles.....

Post by Captain Hesperus »

*

https://bb.oolite.space/profile.php?mode ... ile&u=1604
<ka-chik> BOOOOOOOOMM!!
Not on my watch!

Capt'n H
User avatar
reills
Deadly
Deadly
Posts: 244
Joined: Thu Sep 21, 2006 4:41 pm
Location: Pawling, NY U.S.A.

Post by reills »

Post Reply