Announcement

Collapse
No announcement yet.

Spammers Getting Around Image Verification

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Charlie_Brown
    replied
    Even turning on admin to approve member has been bypassed by some registrations according to vb.org as well.

    http://www.vbulletin.org/forum/showp...9&postcount=86

    Leave a comment:


  • Murdoc
    replied
    i would like to know, has VB security been breeched... and will there be a urgent update for this, there must be a way to stop this without having, 20 plug-in's


    first what i tried was this, as i would like to stay with as little plug-ins as possible.

    I've tried this
    http://www.vbulletin.com/forum/showthread.php?t=275800

    i did all what that post says the only thing that is stopping them is that i have to approve them.

    i also installed some plug-ins, but i would like to know will VB releasing a security update ???

    as i would like to limit the amount of plug-ins on my forums ???

    and im really worried because on BV.org some owners are stating that when they start adding the plug-ins and what you guys suggested, they where been hacked ...

    Here is some posts http://www.vbulletin.org/forum/showp...0&postcount=79

    Originally posted by moonbase View Post
    We have had none until yesterday. They say "Man" in the Bio and "Test" in the user name.

    These two IP addresses are almost always attached to them:

    142.163.3.122 - bad search bot?

    200.63.42.75 - Hacker?

    I know of a few boards that had this and then a attack on the Site Admin password/log-in and the sites were hacked.

    There is something going on. We all need to find help for this.

    Leave a comment:


  • Charlie_Brown
    replied
    This just started for me (yesterday) as well I added a few mods to try to eliminate this as well as making required profile fields too today. I'll see if this works, most of these porn spammers all have the same ip except a number or 2 numbers different. I had 20 sign up just yesterday for the record and I have the image verification was on too.

    Leave a comment:


  • jawatkin
    replied
    This actually started for me about a week ago... Not sure if we're allowed to post links to vB modification on vB.org, but this one has stopped them in their tracks... Make 10 or so questions and they'll have a very hard time getting through. Haven't had a single one in since I implemented this..

    NoSPAM! for vbulletin
    http://www.vbulletin.org/forum/showthread.php?t=183329

    Leave a comment:


  • Jobe1986
    replied
    On my relativly quiet (few to nobody post) forum, I had 5 registrations yesterday, 2 today, of the ones yesterday, 1 completed registration and posted. The others are yet to post.

    Leave a comment:


  • Photics
    replied
    Originally posted by Wayne Luke View Post
    Was your question: What is 2 + 2?

    You need to ask decent questions.
    Obviously I made my question harder than 2+2=4 but I didn't make it too hard. Otherwise, real people are going to have trouble registering. I don't think it's a good idea to ask for the first hundred digits of Pi.

    If this a human assisted attack, isn't the extra question meaningless?

    Leave a comment:


  • RobAC
    replied
    Adding the extra question worked for me.

    Leave a comment:


  • natbaines
    replied
    Have just changed human verification from image to recaptcha. I will let you know how it goes!!

    Leave a comment:


  • JarrahBark
    replied
    I followed Steve's instructions and my spam attack has dropped from 10-20 per hour to nil. Thanks Steve

    Leave a comment:


  • natbaines
    replied
    Originally posted by Chippie View Post
    Wow, I thought I was the lucky one!

    I typed russia in the seach on this forum and got this thread right away.

    I have been getting hammered also, deleting them as they happen.

    What I noticed that was constant is the time zone in the user area once they joined. (GMT - 12:00) Eniwetok, Kwajalein this was on every single one so that's how I sorted the good from the bad.

    I just added the extra question so we will se how that goes.
    Same here! Is there any way of filtering out registrations from this time zone??

    Leave a comment:


  • Chippie
    replied
    Wow, I thought I was the lucky one!

    I typed russia in the seach on this forum and got this thread right away.

    I have been getting hammered also, deleting them as they happen.

    What I noticed that was constant is the time zone in the user area once they joined. (GMT - 12:00) Eniwetok, Kwajalein this was on every single one so that's how I sorted the good from the bad.

    I just added the extra question so we will se how that goes.

    Leave a comment:


  • purplesage
    replied
    They have certainly slowed the bots down. The humans maybe not.
    Ive also added a question. 65 spammers on one site 30 on another.
    5 legit registrations since the switch No spammers yet knock wood.

    http://www.vbulletin.com/forum/showthread.php?t=205214

    Leave a comment:


  • Ohiosweetheart
    replied
    reCaptcha is not foolproof - they're getting past it as well.

    Leave a comment:


  • purplesage
    replied
    Originally posted by Wayne Lukas
    am using Recaptcha on different sites and haven't had a single spam registration.
    Listen to the man

    The progam appears to defeat captcha not recaptcha
    The kalinka klown must be selling the program for cheap now, it was $3Gs.

    Leave a comment:


  • Ron Bennett
    replied
    Getting the same spam that others are on a forum that's very low traffic.

    The attack definitely appears distributed - webmasters blocking out such IP addresses are wasting their time, and worse may be blocking out legitimate people, if blocking IP ranges, which it appear some webmasters are doing.

    I get the feeling, especially based on what others here have posted, that some spammers may be totally bypassing vBulletin's captcha.

    Ron

    Leave a comment:

widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
Working...
X