Attempts to hack into VB.org accounts.

Suddenly I am very popular. Any one else receiving similar notices?

Dear Big Al,

Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 93.93.198.34 (Yugoslavia).


All the best,
vBulletin.org Forum

vBulletin.org Forum <[email protected]>
11:09 PM (16 minutes ago)





Dear Big Al,

Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.
The person trying to log into your account had the following IP address: 210.101.131.232 = (Korea)

 

Happens every so often, they look for accounts with weak passwords.

http://www.vbulletin.org/forum/showthread.php?t=294547

 

I just got hit too- 132.247.174.60

 

132.247.174.60= Valencia, California. United States. However seems to be via a Mexican proxy.

 

Yeah, I got 23 of them!

 

I had several of them too.

 

FYI, just because the email says the account is locked out, it isn't- not for you anyway. It only locks out the IP address that gave the wrong passwords.

 

Me too.

 

I didn't have any problem logging in later that day.

 

My understanding is that it locks out for approx fifteen minutes and then you can log back in.

 

I received a few emails like this earlier. They tried to hit me as well.

 

moving to the C's

 

I got 13 of these emails while sleeping last night.

 

You'd think there would be something to prevent this, or at least prevent all your users from getting 20 emails at a time?

 

It is quite easy to stop these with a simple program. But I am not employed by VB so let them work it out.

Instead of wasting time on making VB5 that is a total flop. It would have made a lot more sense to improve the functionality and security of VB4 etc.

However this would not have been as potentially profitable as a new super dooper (sic) system that VB could rave about.

 

My thought would be to implement a system that when we get an attack like this starting the admin can change a setting in the admin cp and either stop these emails or redirect them to a local admin account rather than every user. Then in a couple days when it is over, turn it back to normal.

Unfortunately with all the work Paul is doing on higher priority projects I don't foresee it happening. It would require manually editing the files, it can't be done via a plugin.

The other option if the emails bother you that much is you can go into your User CP and disable email from administrators, and you should stop getting them- but you won't get any board emails.

 

Can you run that by me again! What is more important than looking after your customers?

 

I received the same message about a month ago or two. I was in septic truth. I do not know what I should do.
And now i'm reassured ..

 

Customers are not in ANY danger.

 

Where did I say they were?
I said:

However, I can think of quite a few good reasons why it is undesirable for hackers or those who support them to have anyone's details.