Łukasz Ostrowski 593 Zgłoś post Napisano Lipiec 23, 2013 Treść maila: Hello,You are receiving this message because you have an account registered with this address on ubuntuforums.org.The Ubuntu forums software was compromised by an external attacker. As a result, the attacker has gained access to read your username, email address and an encrypted copy of your password from the forum database.If you have used this password and email address to authenticate at any other website, you are urged to reset the password on those accounts immediately as the attacker may be able to use the compromised personal information to access these other accounts. It is important to have a distinct password for different accounts. http://ubuntuforums.org/announce.html Udostępnij ten post Link to postu Udostępnij na innych stronach
cabana 15 Zgłoś post Napisano Lipiec 24, 2013 Chociaż się przyznali Udostępnij ten post Link to postu Udostępnij na innych stronach
Gość l3szcz Zgłoś post Napisano Lipiec 24, 2013 Jako nieliczni Udostępnij ten post Link to postu Udostępnij na innych stronach
Piotr GRD 608 Zgłoś post Napisano Lipiec 25, 2013 To jakaś szersza akcja, zdaje się. Jak już zdobędą jakąś bazę danych i uda się rozszyfrować hasła, używając ich próbują się dostać na inne fora i portale. Tak dostali się na simplemachines.org, administrator używał takiego samego hasła gdzie indziej: http://www.simplemachines.org/community/index.php?topic=508232.0 (...)On the 22nd of July 2013, it was discovered that unauthorized access to our website and database has been obtained on the 20th of July.The method is similar to the hacks that were recently conducted at other websites, even though those sites used other software.One of the admins account password was discovered, and from there further escalation wasn't too difficult considering admin privileges can do just about anything. (...) The method used by the hacker is that a database is downloaded from another hacked website, the passwords are attempted to be decrypted and if it is successful: they try to login to other websites using that username & password, or try to cross-reference by using password reset links.Unfortunately for us, a Administrator used the same password elsewhere on another site and access to our site was obtained when the password from the other hacked site was successfully decrypted. As a result, the hacker was able to login here with admin rights.Hundreds of websites have been hacked lately by using this method, so you are highly encouraged to change your passwords... (...) Udostępnij ten post Link to postu Udostępnij na innych stronach
