#1
*UPDATED 5/29 2:50pm PST* PLEASE READ
We have temporarily disabled all UBBcodes (quotes, links, images, etc.) as well as PMs to thwart someone attacking the site.
What happened: A user posted a link to a malicious website that does bad things of a presently unknown nature. Many unsuspecting users clicked on the link and had bad things done. Then a malicious person used the bad things to learn these unsuspecting clickers' 2+2 login information. This person then used the ill-gotten login info to log in under other users' accounts. Some of these posters are long-time, well-respected forum members. Then he posted more malicious links under these well-respected usernames and got more people to click on them. We banned the compromised accounts (at least the ones we know were compromised) and disabled all PMs and UBBcodes to thwart the attack. We hope things can go back to normal soon.
BOTTOM LINE:
1. Be very careful when you click on links.
2. If you clicked on one of the bad links, be aware that someone may have access to your 2+2 login information and/or login information to other sites (think your online poker accounts). We're not saying they do. We're saying that, at least as far as what we know at this time, it's a possibility.
THE 2+2 FORUM IS A SAFE PLACE TO BE AS LONG AS YOU DON'T CLICK ON WEIRD OUTSIDE LINKS. We obviously don't control sites external to the forum, and there's clearly some browser vulnerability out there that can hose your computer just by going to a link. PLEASE BE CAREFUL.
For now, there are no new links on the 2+2 forums. So no one can click anything. We hope this is fixed soon.
JUST SO IT'S CLEAR, THIS IS NOT A PROBLEM WITH 2+2. IT'S AN INTERNET-WIDE PROBLEM. SOMEONE COULD DO THIS ON ANY MESSAGE BOARD. SOMEONE JUST HAPPENED TO DO IT ON THIS ONE.
#2
UPDATE
Here's what happened.
SHORT VERSION: A malicious user posted a redirect link (there were several different links, though all pointed to the same place, and all of them ended in ".it") to a page on his server. That page exploited a vulnerability in UBB Forum software that allowed the user to view people's 2+2 forum passwords. He then logged in as users whose passwords he found out and was generally annoying. This morning, we patched the UBB Software so that passwords aren't visible anymore. His exploit is closed.
WHAT YOU SHOULD DO: Change your passwords. The only passwords he received were the 2+2 forum passwords of users who actively clicked on the bad links. Change your password, and you're ok. Also, please do not choose a password that's easy to guess (or even remotely resembles something that's easy to guess... computers can make a lot of guesses very quickly). Choose something that has at least one letter, one number, and one punctuation mark in it (and make it at least eight characters or so). Furthermore, THOUGH THE BREACH WAS LIMITED ONLY TO 2+2 PASSWORDS, you might do well to change all your important passwords. This is obviously especially true if you tend to use the same password in multiple places.
We are taking this matter extremely seriously, and you should rest assured that 2+2 plans to investigate this situation fully, including reporting it to any appropriate law enforcement agencies.
YOUR POKER ACCOUNTS ABSOLUTELY HAVE NOT BEEN COMPROMISED IN ANY WAY. THE ONLY THING THE BAD GUY COULD DO WAS LOGIN TO THE 2+2 FORUMS USING YOUR ACCOUNT. HAVING SAID THAT, PROTECT YOURSELF (ESPECIALLY YOUR MONEY) AT ALL TIMES.