Possible hacker targeting the forums - SIG Talk
SIG Talk Gun Forum

Possible hacker targeting the forums

This is a discussion on Possible hacker targeting the forums within the Site Help and Support forums, part of the SIG Talk category; Since joining I've received 2 security alerts for my email. That's often the sign that a hacker is attempting to gain your personal information, as ...


Go Back   SIG Talk > SIG Talk > Site Help and Support

Site Help and Support Notice an issue with your account or the site? Post here for help.

Like Tree18Likes
Reply
 
LinkBack Thread Tools Display Modes
Old 09-16-2018, 06:09 AM   #1
Member
 
Join Date: Sep 2018
Posts: 38
Likes Received 14
Possible hacker targeting the forums

Since joining I've received 2 security alerts for my email. That's often the sign that a hacker is attempting to gain your personal information, as people often have their email linked to their bank accounts ect. Since they usually attack forums due to their weaker security, and this is the only forum I've joined, I can only assume it's come from here.
bearone2 and Lancer L5 AWM like this.
terryhiatt321 is offline  
Register

Welcome to the SIG Talk Forum dedicated to SIG Sauer Pistols and SIG Sauer Rifles.

We welcome everyone and the community is free to join so register today and become part of the SIG Talk Forum!

Old 09-16-2018, 07:06 AM   #2
Senior Member
 
Join Date: Jan 2016
Location: Florida
Posts: 2,548
Likes Received 1699
My virus protection just finished scan today. No threats noted.
bearone2 and Lancer L5 AWM like this.
Jerrysea is offline  
Old 09-16-2018, 07:41 AM   #3
Super Moderator
Supporting Member
 
incar's Avatar
 
Join Date: Jul 2013
Location: Chester County, PA
Posts: 33,522
Likes Received 114113
Since your email is an account on Yahoo your issue is likely with the email service - most likely not with this forum.
incar is offline  
 
Old 09-16-2018, 07:49 AM   #4
Member
 
Join Date: Sep 2018
Posts: 38
Likes Received 14
That's actually a common misconception. Hackers generally target the forums servers because they're easily accessible, and there's usually no added security features like locking out accounts trying to send or receive large amounts of data, or alerting an administrator like your typical firewall would do.
Paired with that is the fact that this has happened on two separate email servers, makes it extremely unlikely that it's the email servers themselves, as in addition to the facts above, most billion dollar companies have active monitoring of servers, and auto alerts for activity that breaches certain protocol.
In summation, believe what you want, but I'm just alerting my fellow Sig owners to be cautious. Whatever you chose to do with the information is on you.
bearone2 and Lancer L5 AWM like this.
terryhiatt321 is offline  
Old 09-16-2018, 10:02 AM   #5
Banned
Supporting Member
 
Join Date: Oct 2013
Location: Clovis, NM
Posts: 16,741
Likes Received 50418
He may be on to something.

I tried looking at a couple posts here - system locked down.

Had to restart. System scan this morning was clean.

After the restart - two threats. See attached.

ADDED: Sigtalk has been unusually slow - even for ST - this morning.
Attached Images
File Type: jpg hack.jpg (10.9 KB, 32 views)
bearone2 and Lancer L5 AWM like this.
SteveAikens is offline  
Old 09-16-2018, 10:06 AM   #6
Senior Member
 
bearone2's Avatar
 
Join Date: Jun 2012
Location: Arizona
Posts: 54,682
Likes Received 64276
i haven't had any notifications & it's been fine switching post to post.

one of he problems of webmail as a primary....i'll stick with cox.

i just went into one of my yahoo accounts that i use as a back-up for pics...15gig free & back to sigtalk...i opened various posts & still no notifications.
Lancer L5 AWM likes this.

Last edited by bearone2; 09-16-2018 at 10:13 AM.
bearone2 is offline  
Old 09-16-2018, 12:16 PM   #7
Senior Member
 
Lancer L5 AWM's Avatar
 
Join Date: May 2018
Posts: 5,987
Likes Received 8905
For members- It might be a good time to do some basic IT maintenance like changing all your passwords to at least 12 random characters/digits, unplugging the power from one's home router for a few minutes every week (if it has a built in battery backup- you'll need to remove the battery), clearing your device's DNS and ARP caches, and Temp folders and Cookies (CCleaner works great for these last two). And regardless of what OS/iOS you're running, have a current, paid security software suite that runs actively, not passively. Also, ESET is a premium security software- and they offer a free online scan for Windows users:
https://www.eset.com/us/home/online-scanner/
.
.
bearone2 likes this.
Lancer L5 AWM is offline  
Old 09-16-2018, 01:49 PM   #8
Senior Member
 
bearone2's Avatar
 
Join Date: Jun 2012
Location: Arizona
Posts: 54,682
Likes Received 64276
Quote:
Originally Posted by Lancer L5 AWM View Post
For members- It might be a good time to do some basic IT maintenance like changing all your passwords to at least 12 random characters/digits, unplugging the power from one's home router for a few minutes every week (if it has a built in battery backup- you'll need to remove the battery), clearing your device's DNS and ARP caches, and Temp folders and Cookies (CCleaner works great for these last two). And regardless of what OS/iOS you're running, have a current, paid security software suite that runs actively, not passively. Also, ESET is a premium security software- and they offer a free online scan for Windows users:
https://www.eset.com/us/home/online-scanner/
.
.
this is the only item eset found:

C:\Users\Dell\Downloads\pc-repair-kit-setup.exe a variant of Win32/Auslogics.A potentially unwanted application

& i deleted it.
Lancer L5 AWM likes this.
bearone2 is offline  
Old 09-16-2018, 07:55 PM   #9
Member
 
Join Date: Sep 2018
Posts: 38
Likes Received 14
Quote:
Originally Posted by boo2112 View Post
Adding to the good advice from Lancer L5 AWM:

Passwords should be unique for every site, and never shared or re-used.

Passwords should be randomly generated and contain a mixture of upper/lower case letters, numbers, and symbols.


Passwords should be as long as possible, and never less than 12 characters.
Boo2112 is correct. Unless it's a random attack, which it doesn't seem to be with 2 different email servers reporting attempted breaches within an hour of each other, it's more than likely to be information obtained from the server of the forum, not you individually. Therefore a scan of your own computer wouldn't result in anything.
A good point to observe however, is that several people have said the server was slow earlier. Unlike the movies where passwords magically appear for hackers to gain access to a server's information, in real life it's more of an overload of the system's ability to perform it's task, resulting in a failure of the security system. A great example would be if you were standing by a conveyor, and your only job was to pick out sticks from the peanuts that come down the line. Normally you're completely fine, but if an entire trailer full of sticks and peanuts comes down the line you'll get overwhelmed and sticks will get passed you. The only difference is, you keep working, a security system stops working until the attack is over because it stays bombarded with information. That's why the server slows down too. During the attack the system is trying to deal with all of the information that is being sent and requested that it can't deal with anyone else's requests.
All of that being explained, boo2112 is also correct in the password area. That's actually the most common way people get hacked. They tend to use their same account information for their work credentials and personal information, so once a hacker has access to one, they get access to everything.
In summation, be careful guys and gals.
bearone2 and Lancer L5 AWM like this.
terryhiatt321 is offline  
Old 09-16-2018, 08:25 PM   #10
Senior Member
 
bearone2's Avatar
 
Join Date: Jun 2012
Location: Arizona
Posts: 54,682
Likes Received 64276
Quote:
Originally Posted by terryhiatt321 View Post
Boo2112 is correct. Unless it's a random attack, which it doesn't seem to be with 2 different email servers reporting attempted breaches within an hour of each other, it's more than likely to be information obtained from the server of the forum, not you individually. Therefore a scan of your own computer wouldn't result in anything.
A good point to observe however, is that several people have said the server was slow earlier. Unlike the movies where passwords magically appear for hackers to gain access to a server's information, in real life it's more of an overload of the system's ability to perform it's task, resulting in a failure of the security system. A great example would be if you were standing by a conveyor, and your only job was to pick out sticks from the peanuts that come down the line. Normally you're completely fine, but if an entire trailer full of sticks and peanuts comes down the line you'll get overwhelmed and sticks will get passed you. The only difference is, you keep working, a security system stops working until the attack is over because it stays bombarded with information. That's why the server slows down too. During the attack the system is trying to deal with all of the information that is being sent and requested that it can't deal with anyone else's requests.
All of that being explained, boo2112 is also correct in the password area. That's actually the most common way people get hacked. They tend to use their same account information for their work credentials and personal information, so once a hacker has access to one, they get access to everything.
In summation, be careful guys and gals.
if you take the time to look back, there have been many instances of the site being slow.
Lancer L5 AWM likes this.
bearone2 is offline  
Old 09-19-2018, 11:47 AM   #11
Senior Member
 
Lancer L5 AWM's Avatar
 
Join Date: May 2018
Posts: 5,987
Likes Received 8905
Quote:
Originally Posted by boo2112 View Post
Adding to the good advice from Lancer L5 AWM:

Passwords should be unique for every site, and never shared or re-used.

Passwords should be randomly generated and contain a mixture of upper/lower case letters, numbers, and symbols.

Passwords should be as long as possible, and never less than 12 characters.

Boo is spot on... There's simply no excuse for not having a unique, random, difficult password for each account. Laziness and convenience are the causes- and it's why America has one of the easiest to "cheat" voter registration and ballot casting systems in the free world. Even third world Mexico has a more credible voter system.

.
.
Lancer L5 AWM is offline  
Old 09-20-2018, 10:47 AM   #12
Administrator
Supporting Member
 
admin's Avatar
 
Join Date: Dec 2011
Posts: 688
Likes Received 379
While the password suggestions are correct (Complex password requirements are not only required here, but almost all sites on the internet now) there is also some lower key protections you can do.

Do not put your personal information or email addresses in your postings, threads or profile pages. It's very easy to find and use.

We did not see any slowness. Is it still happening? Any alerts its hanging on?

-JB
admin is offline  
Old 10-12-2018, 05:17 AM   #13
Senior Member
 
Damon's Avatar
 
Join Date: Sep 2015
Location: Texas and Missouri
Posts: 1,509
Likes Received 1757
The "like function" reports an error. When I logged into ST my virus scanner reported a tracking cookie.
admin likes this.
Damon is offline  
Old 10-16-2018, 07:29 AM   #14
Administrator
Supporting Member
 
admin's Avatar
 
Join Date: Dec 2011
Posts: 688
Likes Received 379
Didn't recreate the error. Does the error give you any other info?

A tracking cookie in itself isn't cause for alarm. We use them, Google uses them, Amazon, etc. Ours only tracks you while you are on the site itself.

Do you keep any info on the one that triggered your Virus Scanner?

Kevin
admin is offline  
Old 10-17-2018, 11:21 AM   #15
Senior Member
 
Damon's Avatar
 
Join Date: Sep 2015
Location: Texas and Missouri
Posts: 1,509
Likes Received 1757
I will need to look and see what it reported. I’m out of pocket and it will be some days before I can look.
Damon is offline  
Reply

  SIG Talk > SIG Talk > Site Help and Support

Thread Tools
Display Modes



Top Gun Sites Top Sites List

Powered by vBulletin 3.8.8
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.6.1
Copyright © 2010 - 2020 SIG Talk. All rights reserved.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.SIG Talk is a SIG Sauer Firearms enthusiast's forum, but it is in no way affiliated with, nor does it represent SIG Sauer, Inc. of Exeter, NH.