Author [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] Topic: "Authentication Required" message on our forum !!! DONT'T GIVE YOUR PASSWORD !!  (Read 626 times)

0 Members and 1 Guest are viewing this topic.

Offline liondani


POSSIBLE FISHING! (?)
Anybody that has already gave the password should change passwords for other applications/sites/wallets if they are identical !!!

What the hell do bitsapphire security wise on the forum? Is it acceptable to happen???
I want them to make a statement ASAP !!!!  FIX SECURITY leaks on the forum !!!!

When I try to see my messages I see this!!!   Don't give your personal details (username/password)
« Last Edit: November 09, 2014, 03:22:27 PM by liondani »
  https://bitshares.OPENLEDGER.info/?r=GREECE  | You are in Control | BUY | SELL | SHORT | SWAP | LOAN | TRADE |  

Offline donkeypong

  • Hero Member
  • *****
  • Posts: 2331
    • View Profile
I keep getting it. I just click cancel and things work OK.

Offline bytemaster

I have removed the attacking user account.

Admins - I shouldn't be the one first to respond to this kind of thing. 
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline fluxer555

  • Hero Member
  • *****
  • Posts: 742
    • View Profile
bytemaster,

Infected accounts are displaying the exploit in their signatures. For example, member 'Akado':

https://bitsharestalk.org/index.php?topic=11056.0

This exploit should be taken care of, no '.php' files should be allowed between [ img ] tags

Offline bitsapphire

On it at the moment. It seems that user wmap exploited an smf bug to upload PHP scripts as photos. This is most likely as a result of us upgrading to a dedicated server with our hosting provider, and hence making it possible to execute non-smf related scripts.

We are working on resolving this issue asap.

Meanwhile, If anybody gets a similar prompt please notify us.
Register and get your personal Moonstone Wallet Beta here: https://moonstone.io/login-register.html

Offline feedthemcake

  • Full Member
  • ***
  • Posts: 156
    • View Profile
I have removed the attacking user account.

Admins - I shouldn't be the one first to respond to this kind of thing.

 +5% +5% +5%

Offline liondani

On it at the moment. It seems that user wmap exploited an smf bug to upload PHP scripts as photos. This is most likely as a result of us upgrading to a dedicated server with our hosting provider, and hence making it possible to execute non-smf related scripts.

We are working on resolving this issue asap.

Meanwhile, If anybody gets a similar prompt please notify us.
could we be at risk even if we haven't gave our info? Is it like a virus loaded on memory or only a phishing attempt?

Sent from my ALCATEL ONE TOUCH 997D
  https://bitshares.OPENLEDGER.info/?r=GREECE  | You are in Control | BUY | SELL | SHORT | SWAP | LOAN | TRADE |  

Offline liondani

official bitssaphire statement here:
https://bitsharestalk.org/index.php?topic=11163.0

Sent from my ALCATEL ONE TOUCH 997D

  https://bitshares.OPENLEDGER.info/?r=GREECE  | You are in Control | BUY | SELL | SHORT | SWAP | LOAN | TRADE |  

Offline luckybit

POSSIBLE FISHING! (?)
Anybody that has already gave the password should change passwords for other applications/sites/wallets if they are identical !!!

What the hell do bitsapphire security wise on the forum? Is it acceptable to happen???
I want them to make a statement ASAP !!!!  FIX SECURITY leaks on the forum !!!!

When I try to see my messages I see this!!!   Don't give your personal details (username/password)


It gets worse. As the market cap rises there will be much more targeted spear phishing. This is why as the market cap increases you also wan't a diverse group of owners. Centralized ownership with a high market cap is a liability in some ways.

https://metaexchange.info | Bitcoin<->Altcoin exchange | Instant | Safe | Low spreads

merockstar

  • Guest
I have removed the attacking user account.

Admins - I shouldn't be the one first to respond to this kind of thing.

I was looking at this at like 7AM.

Hook me up with some admin status BM-- I have had admin status on peercointalk for a long time (although I haven't been going there much lately).

Offline donkeypong

  • Hero Member
  • *****
  • Posts: 2331
    • View Profile
I have removed the attacking user account.

Admins - I shouldn't be the one first to respond to this kind of thing.

I was looking at this at like 7AM.

Hook me up with some admin status BM-- I have had admin status on peercointalk for a long time (although I haven't been going there much lately).

Me, too, please. It's always daytime somewhere, where one of us is on the forum. If a number of us are vigilant, we can knock it out before it bothers too many users. 

Offline sudo

  • Hero Member
  • *****
  • Posts: 2233
    • View Profile
  • BTS: ags
when can  bts's keyid login  function avaible& forum support it?

Offline liondani

The suspicious member sent a private message to several members here... check the screen shot if you are included...
Hope nobody gave him more information's about your habits...

I think we where his potential priority targets...Thoughts?



  https://bitshares.OPENLEDGER.info/?r=GREECE  | You are in Control | BUY | SELL | SHORT | SWAP | LOAN | TRADE |  

Offline ticklebiscuit

  • Full Member
  • ***
  • Posts: 97
    • View Profile
I have removed the attacking user account.

Admins - I shouldn't be the one first to respond to this kind of thing.

+100%

 

Google+