Bogus Email Alert

I feel special now, I think. I don't know if I should be flattered that they care or disturbed by the fact that it happened. In any case, I received an email today that was formatted to look like it was a security notice from the blog. The basic gist of it was that the system had been compromised and everyone needed to download and run an attached EXE file to remove the virus that had been installed by the security breach, then follow another link to a phishing site dressed up to look like a generic Sandbox installation in order to "revalid you credentals". Typos as seen in the email. Nice one, yes?

First off, no such security breach has taken place here. The message is bogus. If you've received one yourself, DELETE IT IMMEDIATELY as the attachment is the real virus.

Secondly, if such an event had taken place, I would have posted something to warn you all about it from here. Sort of like I'm doing right now :)

Third, Sandbox doesn't even have mass user-email in the AdminCP, which the message was disguised as.

Carry on, and may the spammers develop ass rot in their mother's basements.
.........................
"It is pointless to resist, my son." -- Darth Vader
"Resistance is futile." -- The Borg
"Mother's coming for me in the dragon ships. I don't like these itchy clothes, but I have to wear them or it frightens the fish." -- Thurindil

Well. I guess that's that then.

       
« Cross the Border
Oblivion: Tracking Down Corrupt Spawn Points »

Posted on Jul 30, 2010 9:07 pm by Samson in: | 17 comment(s) [Closed]
Comments
It's funny, but you also reported that this happened on Smaugmuds.org today and Nick Gammons also reported that he had it happen with his forums yesterday as well. I'm thinking that's too many related hits to be pure coincidence.

I haven't received one of these emails for any of the three sites myself, btw.

Maybe that's a feature sandbox should have since it now has membership capabilities?

       
Gammon got hit too? Definitely sounds like some kind of coordinated effort then. I doubt it's being directed specifically at MUDs but just the forums in general. Honestly I don't know why they bother my blog, it's not like I'm linked to anything big.... unless it's all the Oblivion content attracting the bots :)

       
I don't know, I've not really been following many other forums lately, though TMC and MB didn't post anything recently and I haven't been hit myself yet... on the other hand, I really wouldn't find it particularly noteworthy myself as I'm pretty used to ignoring emails that say they're from me like that. I suppose if I saw one claiming to be from one of my sites I'd want to relay a warning to my members too though. :shrug:

:lol: could be, though I suspect you've got more going than you realize sometimes too... for example, look at your projects tab at the top of this very page. Gammon's got his own reasons to be able to claim a significant count of google hits too. :shrug:
In fact, as much as he worries about things like page rank, I'll be Zeno's prolly feeling like bot/spam central most of the time. :lol:

       
You may be right, popped on to Google Webmasters:

This table lists a sample of 1,485 external pages that link to http://www.iguanadons.net/.
Total links: 344,169.


I had no idea :)

       
After all this time, you still didn't think there'd be a few links to this place, especially via Google's search?? :lol:

Btw, on a fairly unrelated note, it's nice to see QSFP's forums back up after being down the last three or four days.. what was wrong?

       
Apache was down and apparently nobody cared enough to notice. The system didn't send the alert its supposed to either.

       
I'd noticed, but usually when something like that happens you're on top of it and I get the feeling that I'm annoying you when I pester you to mention it by having pulled you off of trying to resolve it so I just try to wait it out. With qsfportal though I tend to be considerably more patient than I would one of your other sites because I know that you and I are about the only folks who visit it daily and the site can go for weeks between posts normally anyway. I guess that's two that I should've bugged you about and didn't realize you needed bugging on. I'll go back to alerting you each time again, I'd rather you be annoyed with me for telling you what you already knew than for not telling you something you needed to know. :(

       
Beginning to suspect the SVN repositories are killing it hard because I occasionally see glitch reports from the system about how it got messed up and couldn't read. I've been strongly considering moving QSFP, PDNS-Admin, and Sandbox over to Google Code projects so I don't have to deal with the backlash from it here. That and I'd be far less worried about turning over project control to one or more down the road should I get utterly sick of dealing with them when I don't have to worry about the group permissions.

       
While I don't relish the idea of you turning control of those projects to someone else, your logic is certainly sound enough.

       
Er. I might have needed to think this through just a bit. It's transmitting all 386 revision records in my SVN repository up to Google. And that's just for QSFP. :P

Ah well, I think the Google thing will be more stable in the long run than trying to deal with the burden locally. It's surprisingly easy to set up though.

       
Hmm, that's good to know. But would it work with a repository that's not presently live and which only allows access by those specifically permitted in possession of a valid password? (I keep meaning to essentially restart my repository for my mud under a new CVS method and not getting around to it. The original repository that was live was still on the server that died on me, what I've got left is basically a backup copy of it but I can't get CVS running on the newer server.)

       
Google only has SVN and something called Mercurial available. I went with SVN for obvious reasons. If your old broken one is in CVS format I don't think that's going to work.

I also don't see any controls to make the repository entirely private, so it would only be useful for something that's already intended to be public, like QSFP.

       
Hmm, I do know that both SVN and Mercurial have means available to import CVS format, but I think those may rely upon the CVS repository still being running too. *mutter*

Ah, that wouldn't work so well for me then anyway. Oh well, it was a thought.

       
Second project ported. This went way smoother than I expected. That's two less sources of trouble from search bots finding the repositories now.

       
You're still going to have each new version release posted to it's respective site though, right? Or will we have to hit google code to grab the latest and greatest for each project now?

       
They'll all stay at their homepages. Only the SVN and bug tracking moved. It remains to be seen if it helps with traffic or not, but I can't see how it won't because there's nothing to drag the bots into.

       
Hmm, so it's just the bug tracking that's going to be a matter of figuring out where we're supposed to go to report stuff now. I suppose that's a step in the right direction, but it's going to take some getting used to. You don't happen to have URLs handy for that aspect of all this, do you?


:snicker: As a total side-note, this happens to be my 1800th post here. :cool: :biggrin:

       
Edited by Conner on Aug 1, 2010 2:29 pm
<< prev 1 next >>
Comments Closed
Comments for this entry have been closed.
Anonymous
Register

Forgot Password?

SuMoTuWeThFrSa
 1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31