1
oldenough
HELP - I have been abused by a hacker/spammer!!!
  • 2007/3/2 6:03

  • oldenough

  • Just popping in

  • Posts: 76

  • Since: 2006/12/11


One or several fu*kheads have recently abused our system to send spam mails. I recieved some tons of mail error messages from a non-existent mail address on our system.


I am using Captcha on our Liaise module, and this module are set to send mail to one of our adresses only.

The only module I suspect been unsecure regarding terror attacks like this might be the "Tip A Friend" option in the Weblinks module. I have disabled the whole module now (with hundreds of links not beeing accessible any more) and I have not got any more mail messages.

Anyone with similar experiences? Does this sound like a reasonable explanation? What can I do with this module in order to not have this vulnability - how to make it impossible to send more than one mail from "Tip a Friend" in the weblinks? Or might it be other explanations??

Yes, I have installed protector.
Yes, I would love to break the neck on the **ckheads!

Using: XOOPS 2.0.16
Weblinks 1.0
Frameworks installed

2
davidl2
Re: HELP - I have been abused by a hacker/spammer!!!
  • 2007/3/2 9:01

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


There was an issue reported by Subzero (from Xoopsdesign) with Weblinks. I have contacted the author over this, but I still have not received a reply.

There is, however, a new release of 1.31 ... so you may want to see if this deals with your problem. Please let me know if it does.

(Dont forget to backup etc etc)

3
oldenough
Re: HELP - I have been abused by a hacker/spammer!!!
  • 2007/3/2 10:51

  • oldenough

  • Just popping in

  • Posts: 76

  • Since: 2006/12/11


I am still in a mess, spam mail in return are flooding my inbox!

My only option now was to close down the site!

Weblinks were removed from public display, then the spammhackfuc**rs must have used some other vulnerability on the system, I don't have any clue what it might be.

Anyone with any advice what to do then? Should i relave XOOPS as a platform and go for something else??

4
davidl2
Re: HELP - I have been abused by a hacker/spammer!!!
  • 2007/3/2 11:55

  • davidl2

  • XOOPS is my life!

  • Posts: 4843

  • Since: 2003/5/26


First thing: Don't Panic!

Second thing: Can you PM me the site URL so I can see if theres any other module that may be an issue?

5
oldenough
Re: HELP - I have been abused by a hacker/spammer!!!
  • 2007/3/3 8:25

  • oldenough

  • Just popping in

  • Posts: 76

  • Since: 2006/12/11


Finally it all has been sorted out, after som serious digging. Some f**khead were using a fake email address and pretending using us a sender. This was not the case, hwever, but we set up a catch all at the server, and then recieved all returning error messages from those the spammer had mailed.
So our XOOPS are safe and now even safer.
And spammers? Well, I hope they all vanish into a deep hole. In all cases they have contributed in the blacklisting on our domain in a lot of places.

6
InnoSense
Re: HELP - I have been abused by a hacker/spammer!!!
  • 2007/3/3 11:21

  • InnoSense

  • Just popping in

  • Posts: 25

  • Since: 2006/10/2


Tip: use WF-Links instead of Weblinks.

Login

Who's Online

347 user(s) are online (252 user(s) are browsing Support Forums)


Members: 0


Guests: 347


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits