Log In
Name:
Pass:
Online Members (0)
No members are currently online.
Current Interguild Time:
Thu Mar 28 2024 1:54 pm
Member Chat Box  [click here to enlarge]
Recent Posts and Comments
ShareThis
I wish I didn't have to write this.



As you might have been aware of, recently The Interguild has been flooded with spam. The source of these problems are Thomas, Darvince and Jorster (all banned). Thomas has written scripts that have the potential to mass create accounts, spam PM's, topics and flood the chatbox with autogenerated messages of some kind. These have been shared with Darvince and Jorster. It's a minor inconvenience.

More bothersome would be the scripts that Thomas possess and have shared that allows him, Darvince and Jorster to hijack members that are currently logged in. This post originally contained a PM sent to Yimmy by Yaya. While Yimmy was logged in, his account got hijacked.

The staff can't do a lot to hinder this. We're hoping that Livio identifies the security issues and finds the time to fix it. He has cleaned up the spam that has been posted and deleted the mass-generated accounts. Not all issues are solved though.


We can't actively make Thomas, Darvince and Jorster stop their spam nor hijacking and without Livio we cannot prevent it. It's a very troublesome situation.


This is my belief: If you wish to avoid getting hijacked on your current account, you can create a new one and use that until the issues are fixed. When that has happened, we'll inform you.


If any member of the staff wishes to correct what I've written, do so.
« Previous Post  |  Next Post »
User Comments (13)
« Back to News Page
« Forum Index < News and Announcements

Quirvy
[?] Karma: 0 | Quote - Link
Monday, April 21 2014, 4:34 pm EST
  

Karma: 655
Posts: 7753
Gender: Male
pm | email
Just to clarify, your passwords are safe. They hijack your account as in be logged in under it, but that's all they can do. They can't change your password or preferences without knowing your password beforehand. The biggest problem this poses for you as an individual member is privacy as far as PMs go, and they could potentially post and send PMs pretending to be you.

Also logging out, even though it won't reset your online time if you log back in, will end your session, so I if you are worried, I would recommend logging out when you're done posting and stuff.



spooky secret
Teo
[?] Karma: 0 | Quote - Link
Monday, April 21 2014, 5:46 pm EST

Age: 25
Karma: 138
Posts: 1766
Gender: Male
Location: Warsaw, Poland
pm | email
All in all, I'd never expect such stuff to happen. I'm not too active lately (mainly because the site wasn't always as pleasant as usually because of the spam that never actually happened to be particularly fun for me) so I guess I didn't experience those issues, but getting stupid PMs every day can get annoying after some time.
FlashMarsh
[?] Karma: 0 | Quote - Link
Monday, April 21 2014, 6:14 pm EST

Age: 25
Karma: 99
Posts: 2727
Gender: Male
Location: UK
pm | email
just buy jorster some mcdonalds and he'll stop

I dont know about Darvince and THomas though
Vily
[?] Karma: 0 | Quote - Link
Monday, April 21 2014, 8:38 pm EST

Age: 30
Karma: 1
Posts: 18
Gender: Male
Location: alpha centuri
pm | email
~~GG~~
Bang Jan
[?] Karma: 0 | Quote - Link
Tuesday, April 22 2014, 1:26 pm EST

Age: 24
Karma: -37
Posts: 641
Gender: Male
pm | email
'everyone to only mak' said:
just buy jorster some mcdonalds and he'll stop

I dont know about Darvince and THomas though


Because bribery is the solution to everything, riiiiiiiight?
Livio
[?] Karma: +5 | Quote - Link
Tuesday, April 22 2014, 11:11 pm EST

Age: 31
Karma: 470
Posts: 9620
Gender: Male
Location: Arizona, USA
pm | email
I patched the login system to fix the account-hijacking vulnerability. Feel free to not be hidden.
Neezles And HB
[?] Karma: 0 | Quote - Link
Thursday, April 24 2014, 7:39 pm EST

Karma:
Posts:
pm | email
how did they get in the accounts in the first place?
Bmwsu
[?] Karma: 0 | Quote - Link
Thursday, April 24 2014, 7:50 pm EST

Age: 28
Karma: 175
Posts: 2557
Gender: Male
pm | email
Session IDs were generated using the time, so it was possible to create a script that guessed the ID for you.


Neezles And HB
[?] Karma: 0 | Quote - Link
Thursday, April 24 2014, 7:52 pm EST

Karma:
Posts:
pm | email
Ok. The chatbox page is also generated by time so u get something like ?t=43874783438 every time you click on it.
krotomo
[?] Karma: 0 | Quote - Link
Saturday, April 26 2014, 11:08 am EST
The Shepherd

Age: 23
Karma: 249
Posts: 4066
Gender: Male
Location: My chair
pm | email
Could it be that Jorster and Darvince were hacked by Thomas, and that Jorster and Darvince are actually innocent?

#conspiracytheories
Livio
[?] Karma: 0 | Quote - Link
Saturday, April 26 2014, 2:49 pm EST

Age: 31
Karma: 470
Posts: 9620
Gender: Male
Location: Arizona, USA
pm | email
Probably not since they haven't attempted to contact me since being banned.

Also I deleted a lot of spam that was posted the other day. That's why the chatbox has been reset, and why I accidentally deleted the Movies thread. Also, Neezles and HB was deleted in the process kinda by accident, since there were several accounts with similar names.
krotomo
[?] Karma: 0 | Quote - Link
Saturday, April 26 2014, 3:27 pm EST
The Shepherd

Age: 23
Karma: 249
Posts: 4066
Gender: Male
Location: My chair
pm | email
'Livio' said:
Also, Neezles and HB was deleted in the process kinda by accident, since there were several accounts with similar names.
Nice going, just when we thought we had lost enough members...
aych bee
[?] Karma: 0 | Quote - Link
Sunday, April 27 2014, 12:06 am EST
when i am king

Age: 104
Karma: 147
Posts: 1002
Gender: Female
Location: you will be first against the wall
pm | email
How did thomjordar spam all those posts if those accounts weren't even activated?


Spoiler:

« Forum Index < News and Announcements

In order to post in the forums, you must be logged into your account.
Click here to login.

© 2024 The Interguild | About & Links | Contact: livio@interguild.org
All games copyrighted to their respective owners.