Author Topic: PSA: Forum Accounts are being Hijacked; for those who are not looking in drama  (Read 14835 times)

trigger warning: i am taking a shot in the dark

the only person i know of in the bl community that is capable of doing this is zapk.

we're going to fight fire with fire

go on their forum and spam research we totally wont be dropping down to their level or anything!11!

So I don't exactly know what's going on.  The attacks appear to be opportunistic, getting they accounts they can.  If there were a vulnerability to account login they would just login to my account or rotondo's and forget up everything.

What I've done is forced on https, deleted all existing sessions/cookies, and updated a few of the smf session hashing functions and seed values.  This would mitigate some types of session hijacking, if that's what was happening. 

The most likely answer is probably phishing.  It's happened multiple times before, with some huge body counts.  It's not always as obvious as "enter your key for blockland gold".

it's the infamous hacker 4chan


so what were all the hijacked accounts? I only saw the first 4

Everyone knows the way I type, so I should be safe.


i'm still as autistic as ever, its okay guys im safe.

I wish we knew who the spammer were.


I was just logged out and it said that the password on the BLF was different than the one I entered, even though my password worked.

This is spooky.


The defcon should be higher


Like 4.1

The defcon should be higher


Like 4.1

https://en.wikipedia.org/wiki/DEFCON

i dont think you know how this works

5 (least severe) ----> 1 (most severe)