I wish I didn't have to write this.
As you might have been aware of, recently The Interguild has been flooded with spam. The source of these problems are Thomas, Darvince and Jorster (all banned). Thomas has written scripts that have the potential to mass create accounts, spam PM's, topics and flood the chatbox with autogenerated messages of some kind. These have been shared with Darvince and Jorster. It's a minor inconvenience.
More bothersome would be the scripts that Thomas possess and have shared that allows him, Darvince and Jorster to hijack members that are currently logged in. This post originally contained a PM sent to Yimmy by Yaya. While Yimmy was logged in, his account got hijacked.
The staff can't do a lot to hinder this. We're hoping that Livio identifies the security issues and finds the time to fix it. He has cleaned up the spam that has been posted and deleted the mass-generated accounts. Not all issues are solved though.
We can't actively make Thomas, Darvince and Jorster stop their spam nor hijacking and without Livio we cannot prevent it. It's a very troublesome situation.
This is my belief: If you wish to avoid getting hijacked on your current account, you can create a new one and use that until the issues are fixed. When that has happened, we'll inform you.
If any member of the staff wishes to correct what I've written, do so. User Comments (13) | Quirvy |
 Â
Karma: 655 Posts: 7753 Gender: Male pm | email
|
Just to clarify, your passwords are safe. They hijack your account as in be logged in under it, but that's all they can do. They can't change your password or preferences without knowing your password beforehand. The biggest problem this poses for you as an individual member is privacy as far as PMs go, and they could potentially post and send PMs pretending to be you.
Also logging out, even though it won't reset your online time if you log back in, will end your session, so I if you are worried, I would recommend logging out when you're done posting and stuff.
spooky secret | | Teo |
Age: 25 Karma: 138 Posts: 1766 Gender: Male Location: Warsaw, Poland pm | email
|
All in all, I'd never expect such stuff to happen. I'm not too active lately (mainly because the site wasn't always as pleasant as usually because of the spam that never actually happened to be particularly fun for me) so I guess I didn't experience those issues, but getting stupid PMs every day can get annoying after some time. | | FlashMarsh |
Age: 25 Karma: 99 Posts: 2727 Gender: Male Location: UK pm | email
|
just buy jorster some mcdonalds and he'll stop
I dont know about Darvince and THomas though | | Vily |
Age: 30 Karma: 1 Posts: 18 Gender: Male Location: alpha centuri pm | email
|
~~GG~~ | | Bang Jan |
Age: 24 Karma: -37 Posts: 641 Gender: Male pm | email
|
'everyone to only mak' said: just buy jorster some mcdonalds and he'll stop
I dont know about Darvince and THomas though
Because bribery is the solution to everything, riiiiiiiight? | | Livio |
Age: 31 Karma: 470 Posts: 9620 Gender: Male Location: Arizona, USA pm | email
|
I patched the login system to fix the account-hijacking vulnerability. Feel free to not be hidden. | | Neezles And HB |
Karma: Posts: pm | email
|
how did they get in the accounts in the first place? | | Bmwsu |
Age: 28 Karma: 175 Posts: 2557 Gender: Male pm | email
|
Session IDs were generated using the time, so it was possible to create a script that guessed the ID for you.
| | Neezles And HB |
Karma: Posts: pm | email
|
Ok. The chatbox page is also generated by time so u get something like ?t=43874783438 every time you click on it. | | krotomo |
The Shepherd
Age: 23 Karma: 249 Posts: 4066 Gender: Male Location: My chair pm | email
|
Could it be that Jorster and Darvince were hacked by Thomas, and that Jorster and Darvince are actually innocent?
#conspiracytheories | | Livio |
Age: 31 Karma: 470 Posts: 9620 Gender: Male Location: Arizona, USA pm | email
|
Probably not since they haven't attempted to contact me since being banned.
Also I deleted a lot of spam that was posted the other day. That's why the chatbox has been reset, and why I accidentally deleted the Movies thread. Also, Neezles and HB was deleted in the process kinda by accident, since there were several accounts with similar names. | | krotomo |
The Shepherd
Age: 23 Karma: 249 Posts: 4066 Gender: Male Location: My chair pm | email
|
'Livio' said: Also, Neezles and HB was deleted in the process kinda by accident, since there were several accounts with similar names. Nice going, just when we thought we had lost enough members... | | aych bee |
when i am king
Age: 104 Karma: 147 Posts: 1002 Gender: Female Location: you will be first against the wall pm | email
|
How did thomjordar spam all those posts if those accounts weren't even activated?
| | |
« Forum Index < News and AnnouncementsIn order to post in the forums, you must be logged into your account. Click here to login.
|