Announcement

Collapse
No announcement yet.

Version 4.1.3 hacked?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • [Forum] Version 4.1.3 hacked?

    I am running 4.1.3 CMS. A large portion of my userbase just got a spam e-mail referencing our domain. These users do not have the "allow other users to e-mail me" checked. Anyone else seeing something similar?

    -----------------------------------------------------
    From:[email protected]

    Hello sweetie

    My name is Judy, i am 25yrs old, i'm a free minded, open hearted girl, i like to take life as easy as i could, i'm one of the few that still believes in friendship,love, trust and signs, am very much single and ready to mingle. was browsing through the internet and came across your contact at www performanceboats com, believe me i like what i see and i am attracted to you, it will be my sincere pleasure to be your friend if you don't mind, i hope you will not take my request for granted, feel free to email me, at my private email address at, ( [email protected] ), i will appreciate it if you can send me some pics to my private email address, i look forward to hear from you soon.
    Take care.

    Judy.

  • #2
    I just found out from a user they received this email. We are still running 4.1.1. What have you found out craig? Thanks.

    Hello My Name is Miss Sonia 24 years old,
    i got your details today yourbrandplan
    and i will like to know you more and be your good friend,
    get back to me so that i will tell you all about myself and exchange pictures with you,
    and i have something to tell you about me hope to hear from you soon
    your new friend Sonia
    here at
    Your Brand
    Member
    Last edited by Your Brand; Fri 20 May '11, 1:56pm.
    David Sandusky
    Your Brand Plan

    Comment


    • #3
      There are no known exploits in vBulletin at this time.

      Comment


      • #4
        That's a spambot using your send email function which you must have enabled for members. You also get that sort of stuff via PM too.

        Comment


        • #5
          Originally posted by craigl View Post

          My name is Judy, i am 25yrs old, i'm a free minded, open hearted girl, i like to take life as easy as i could, i'm one of the few that still believes in friendship,love, trust and signs
          She sounds like a keeper

          Comment


          • #6
            Originally posted by ChemicalKicks View Post
            That's a spambot using your send email function which you must have enabled for members. You also get that sort of stuff via PM too.
            Are you suggesting not to use the internal PHP mail() function, and use SMTP instead?

            Comment


            • #7
              Just use good spam block methods and you shouldn't get any spambots registering on your forums and therefore not being able to send users emails.

              Do you have send/receive emails from users enabled? It isn't usually by default.

              Also have you tried searching for users using the emails provided in the spam message? maybe they used it to sign up and therefore you can identify the bot.
              http://www.gamerperfection.com/images/gp-bar.png http://www.gamerperfection.com/images/facebook-32.pnghttp://www.gamerperfection.com/images/twitter-32.pnghttp://www.gamerperfection.com/images/youtube-32.png

              Comment


              • #8
                Originally posted by raj4x View Post
                Are you suggesting not to use the internal PHP mail() function, and use SMTP instead?
                Erm no

                Basically what GamerPerfection is saying above but with a lot less words

                Comment


                • #9
                  Check your website for open relays. Open relays allow spam bots to use your website to send spam from your domain.
                  Make sure that you have disallowed guests from using email features. Not only in vbulletin but also in additional software.
                  I buy 420 forums

                  Comment

                  widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                  Working...
                  X