Possible Security Leak? (Change Your Passwords, Just in Case
- Vanguard
- Posts: 1653
- Joined: 24 Nov 2009, 10:32
- First Video: Unskippable: Lost Planet
- Location: Kansas City, MO
- Contact:
Possible Security Leak? (Change Your Passwords, Just in Case
So, a few things have happened in the past 24 hours that, after connecting the dots, show a bit of a pattern.
We might have a security breach here on the forums.
Thus far I've gotten the same exact spam message sent to be as a direct message on Twitter by two different Runners (both Jester and Goat). Also, according to Facebook Wraith had some problems earlier today. I've never been one to believe in coincidence, so I'm willing to say that everyone's passwords may have been compromised.
Just to be safe I'd recommend that you make sure any accounts you have that use the same password as the LRR forums are safe, and just to be sure it might not hurt to change them altogether.
Now, this is just speculation, but the pattern is there, and it's better to be safe than sorry.
~V
We might have a security breach here on the forums.
Thus far I've gotten the same exact spam message sent to be as a direct message on Twitter by two different Runners (both Jester and Goat). Also, according to Facebook Wraith had some problems earlier today. I've never been one to believe in coincidence, so I'm willing to say that everyone's passwords may have been compromised.
Just to be safe I'd recommend that you make sure any accounts you have that use the same password as the LRR forums are safe, and just to be sure it might not hurt to change them altogether.
Now, this is just speculation, but the pattern is there, and it's better to be safe than sorry.
~V
-
- Posts: 7669
- Joined: 30 Mar 2010, 21:08
- First Video: Rapidfire I
- Location: The Land of Unbearably Fashionable People and Lots of Cars
Re: Possible Security Leak? (Change Your Passwords, Just in
I got the message from Theremin first; that may have been where it started. In any case, I don't cross-use passwords, so I should be fine. And I think it's probably spreading by runner because we know the same people, so we see it from the same people who clicked on it.
- LogicSword
- Posts: 2149
- Joined: 22 Sep 2010, 12:42
- First Video: Whiskey Tango Foxtrot
- Location: Sheffield, UK
Re: Possible Security Leak? (Change Your Passwords, Just in
Only Jester and Goat for me. Changing passwords just to be safe.
- Metcarfre
- Posts: 13676
- Joined: 08 Jul 2008, 13:52
- First Video: Not Applicable
- Location: Vancouver, B.C.
Re: Possible Security Leak? (Change Your Passwords, Just in
Has anyone told Paul and/or Graham yet?
*
- Vanguard
- Posts: 1653
- Joined: 24 Nov 2009, 10:32
- First Video: Unskippable: Lost Planet
- Location: Kansas City, MO
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
Fayili, you bringing up the link makes me think that it's not forum-based, but Facebook-based. Whatever application that link leads to on Facebook is dirty and hijacks both Facebook and Twitter (the app connects the both of them). It's just spreading through the Runner population because, well, we all know each other on Twitter, don't we?
I hope I'm preaching to the choir here, but just to be safe, a couple of tips:
I hope I'm preaching to the choir here, but just to be safe, a couple of tips:
- Just ignore app requests on Facebook. Period. Or at the very least if they have names that make no goddamn sense.
- On Facebook, in Account Settings > Security there's an option to turn on both secure browsing, login approvals and recognized devices. These are all extra layers of protection that'll secure your Facebook account and notify you via email when someone tries to log in from an unrecognized device. Use them.
Re: Possible Security Leak? (Change Your Passwords, Just in
I got the spammarific twitter direct message, too... from Theremin; and the FB from Wraith.
- King Kool
- Quality and Quantity
- Posts: 5987
- Joined: 28 Jan 2008, 19:22
- Location: Rhode Island
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
I got a spammy link from Jester on Twitter this morning. I couldn't tell him about it because I was running out the door to work.
- Wraith
- Posts: 2882
- Joined: 23 Jun 2006, 01:49
- First Video: Canadian Approval Board
- Location: Fredericksburg, VA. USA
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
I got a spam message on Twitter from Jester, and then my Facebook account got hacked. It had to be a hack, though; I have a different password for every site I belong to.
-Wraith
- empath
- Posts: 13531
- Joined: 28 Nov 2007, 17:20
- First Video: How to Talk Like a Pirate
- Location: back in the arse end of nowhere
Re: Possible Security Leak? (Change Your Passwords, Just in
Well, it'd be a week early, but I suppose there's no harm in resetting my passwords; I've got a few days off.
I can't be hacked through Facebook, and...when did I last tweet? *goes to check for these spam-tweets* Right, couple of weeks ago with that 'Insurance Company Makes Ghouls Look Upstanding And Moral' brouhaha. Oh, and I don't follow anyone who appears to have been 'infected'.
Good luck, everyone, and here's hoping we all see one another when the dust settles!
I can't be hacked through Facebook, and...when did I last tweet? *goes to check for these spam-tweets* Right, couple of weeks ago with that 'Insurance Company Makes Ghouls Look Upstanding And Moral' brouhaha. Oh, and I don't follow anyone who appears to have been 'infected'.
Good luck, everyone, and here's hoping we all see one another when the dust settles!
- tak197
- Feito Com Fruta
- Posts: 9010
- Joined: 13 Mar 2007, 19:20
- First Video: How To Talk Like A Pirate
- Location: Stroudsburg, PA
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
I went ahead and updated my Facebook security settings. That should be safe.
Re: Possible Security Leak? (Change Your Passwords, Just in
So, we're fine here though right?
Good. That's good.
Also, sorry to hear that guys
Good. That's good.
Also, sorry to hear that guys
- Deedles
- Posts: 4043
- Joined: 29 Nov 2010, 13:19
- First Video: Man Cooking
- Location: A shoebox on Kashyyyk.
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
I'll go ahead and change passwords anyway. It's about time I updated it.
Hurp-De-Durp!
- Merrymaker_Mortalis
- Posts: 7226
- Joined: 24 Feb 2010, 19:19
- First Video: ENN's First Episode on Escapist
- Location: Wales
Re: Possible Security Leak? (Change Your Passwords, Just in
The advantages of being an anti-social bastard. Risks of being hacked by chain messages is reduced!
Re: Possible Security Leak? (Change Your Passwords, Just in
From this I learned that Facebook has two factor authentication. But do I really want to give Facebook my phone number?
Re: Possible Security Leak? (Change Your Passwords, Just in
I believe because the spam links through to Facebook it harvests your FB details, and the firm on there that fakes the twitter login harvests your twitter password if you fill it in.
Goat has also been hijacked now.
Goat has also been hijacked now.
- Lord Hosk
- Posts: 6587
- Joined: 07 Dec 2011, 08:30
- First Video: Checkpoint: Into the breach
- Location: Half and inch below the knuckle of the ring finger. MI
Re: Possible Security Leak? (Change Your Passwords, Just in
You guys I dont know what you are talking about there is no hack get rich fast by buying penny stocks You too can watch the newest movies FOR FREE
My uncle is prince in Morocco would you money him give you so he get his money from the terrorist?
My uncle is prince in Morocco would you money him give you so he get his money from the terrorist?
Beware Bering Crystal Bears, Bearing Crystals. (Especially if the crystals they are bearing are, themselves, Bering Crystal Bears.) -Old, Stupid Proverb
[–]Graham_LRR
You hear that Khoo? We're almost better than the comic!
[–]Graham_LRR
You hear that Khoo? We're almost better than the comic!
- Vanguard
- Posts: 1653
- Joined: 24 Nov 2009, 10:32
- First Video: Unskippable: Lost Planet
- Location: Kansas City, MO
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
... so what we're getting at here is that we need to kill Hosk?
- Lord Hosk
- Posts: 6587
- Joined: 07 Dec 2011, 08:30
- First Video: Checkpoint: Into the breach
- Location: Half and inch below the knuckle of the ring finger. MI
Re: Possible Security Leak? (Change Your Passwords, Just in
People have tried before, with little success.
Beware Bering Crystal Bears, Bearing Crystals. (Especially if the crystals they are bearing are, themselves, Bering Crystal Bears.) -Old, Stupid Proverb
[–]Graham_LRR
You hear that Khoo? We're almost better than the comic!
[–]Graham_LRR
You hear that Khoo? We're almost better than the comic!
- Metcarfre
- Posts: 13676
- Joined: 08 Jul 2008, 13:52
- First Video: Not Applicable
- Location: Vancouver, B.C.
Re: Possible Security Leak? (Change Your Passwords, Just in
But you don't have that hat anymore...
*
- Vanguard
- Posts: 1653
- Joined: 24 Nov 2009, 10:32
- First Video: Unskippable: Lost Planet
- Location: Kansas City, MO
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
That won't be a problem, Hosk, I barely count as "people"...
- The Jester
- Posts: 6141
- Joined: 07 Aug 2008, 17:49
- First Video: The Truce
- Location: Chester, UK
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
And Elomin certainly doesn't!
- Elomin Sha
- Posts: 15774
- Joined: 22 Feb 2008, 05:14
- First Video: Max Effect
- Location: Woodford Green, England
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
That's just typical. You burn a few corpses and people think less of you. Young people have no sense of knowing their place or what perfect art truly is.
The most unique, nicest, and confusing individual you will get to know. Don't be stupid around me, that's my job.
https://displate.com/elominsha/galleries
If you need art, I take commissions, PM me.
https://displate.com/elominsha/galleries
If you need art, I take commissions, PM me.
- Smeghead
- Bear Hunter S
- Posts: 2409
- Joined: 15 Apr 2008, 23:46
- First Video: The Writers Room
- Location: *sigh* Haparanda, Sweden
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
So this is only a facebook/twitter issue then? Good thing I have neither. Being an anti-social bastard pays off!
- King Kool
- Quality and Quantity
- Posts: 5987
- Joined: 28 Jan 2008, 19:22
- Location: Rhode Island
- Contact:
Re: Possible Security Leak? (Change Your Passwords, Just in
Got another one from Jester's twitter.
Re: Possible Security Leak? (Change Your Passwords, Just in
Jester is aware, he says he doesn't have any twitter apps that have requested DM permissions, and he's changed his password, so my assumption was that they'd used OAuth to grab an access token.
He's tried logging out which should invalidate any access tokens (assuming twitter are implementing OAuth properly) and should hopefully solve the problem.
We'll wait and see.
Also if you do spot any rogue Twitter or Facebook apps in their respective Apps list I suggest you remove them and/or flag them. Although Twitter's page has a Javascript error that prevents you from revoking the access right now.
He's tried logging out which should invalidate any access tokens (assuming twitter are implementing OAuth properly) and should hopefully solve the problem.
We'll wait and see.
Also if you do spot any rogue Twitter or Facebook apps in their respective Apps list I suggest you remove them and/or flag them. Although Twitter's page has a Javascript error that prevents you from revoking the access right now.
Return to “General Discussion”
Who is online
Users browsing this forum: No registered users and 63 guests