[2021-02-25] Private message spam, **NOT** hacked

Nah, you started the wrong way. Instead you should have given her a little token (e.g. a fancy keychain light?) to show your deep appreciation and admiration for revealing her ... uhm ... nice flesh... sorry flashlight parts to you. Something like this...

“Hey Beatrice, this must have slipped right off your neck.“

I received one of those private messages. I thought for a second, someone had the winning lotto numbers for me. I guess the joke is on me.

Update from the OP:

"A new system is now in place to prevent this sort of attack from occurring again."

and

"A workaround is now in place for this bug."

...

Excellent!

If the PM was sent to me, shouldn’t I have been the one to decide whether it was “spam” for me?

“Wholesale cleansing” sounds rather religious, does it not? I mean, one man’s ceiling is another man’s floor, right? One man’s trash is another man’s treasure, right? Last time I checked, PM’s were just that…private, as in, non-public.

Just wondering, as this seems almost CPFish in deciding what’s best for “me.”

@Hoosh: This was a large scale spam attack from one source that used bots to masquerade as normal human users in order to create over 20 BLF user accounts and send thousands of PMs. If you consider a message sent by a computer inviting you to view porn as a valuable personal communication, then you really need to read up on the basics of how spam and other nefarious activities are creating such a plague on the internet. It’s a wild and sinister world out there online, and your position sounds dangerously naïve. Furthermore, spam and other criminal activities are prohibited by the BLF Rules that you accepted to join this forum, and my job is to enforce them.

Exactly. And better hope you own a direct upstream trunk to the internet, because every ISP or web host that I know of will block your SMTP ports and/or deny you service in the blink of an eye if they get so much as a hint that you’re participating in that sort of traffic. And that’s another very powerful reason that absolutely obliged me to react as I did and have always done; otherwise BLF would have ceased to exist many years ago and no decent hosting service would want to have anything to do with us if I permitted that sort of garbage to go unchecked. And no other self-respecting admin that is not a criminal would have done anything different.

Not sure I understand how settings allowed for a new user to jump in and message everyone.

The settings were definitely far too permissive, simply because we’ve never had a problem like this up until now. But it wasn’t “a user”, it was a bot or possibly even a botnet rapidly abusing legitimate access mechanisms. And unless there are sensible limits in place anything that a normal human can do with a computer can be accomplished and repeated millions of times faster with a computer script.

Got it. Well, you’ve done a hell of a job thus far at keeping this place NOT full of power-hungry mods or scam/spam, so that’s great. The rare breach is ok as long as it’s a while until the next one, and certainly, we’ve done better here than any other forum I know.

Every other forum I know gets bot accounts daily.

Thanks for the support! I just need to clarify that “breach” isn’t the correct term in this case, because that implies that they used illegitimate access methods or vulnerabilities to access and/or exfiltrate private information. That wasn’t what happened in this case, instead they used the default settings to send information to most of the BLF user list, which is already public information. And they only added unwanted information instead of seeing something that they normally wouldn’t be able to see.

Understood. By choice of words on my part.

How do we deal with ordinary bots?

I still think we need private forums for senior members and whatnot.

We do indeed get huge numbers of bots that come around “poking” at the server, just like any other website. Most of them don’t even know or care that this is a web forum, instead they try to directly access the underlying server operating system via unpatched low-level vulnerabilities or incorrect server configurations. Most of those attempts get quickly shut down by a sort of automatic circuit breaker, and to my knowledge none have ever been successful. Then there are other types of bots that directly target and try to take control of the actual forum software (many are dumb and actually attempt all sorts of common methods to breach Wordpress, which we don’t even run here) using illegitimate access methods or unpatched vulnerabilities. Again, to my knowledge we’ve never had a successful breach or private data leak at that level either. Then there are the bots like the ones responsible for this recent attack that perform the same steps that a legitimate human user would take to use the forum software. From what I can tell there is usually a human that performs certain manual tasks first and then sets the bots loose to repetitively blast out a fire hose of whatever kind of smut they’re promoting. Or sometimes they simply access thousands upon thousands of pages like any real user could do. Once in a while they hit our server so hard that it slows to a crawl, and I have to manually intervene and block their IP address(es).

Now that you mention this is a good time to give a huge shout of thanks to all the legitimate BLF users that help control spam in the public forums. I couldn’t do it without your collective help. I occasionally get reports of a spam post, but it’s almost always eliminated and the account shut down via the Spam button before I can even get to it. Many thanks to all of you for your vigilance!

yeah me neither wtf christine99?
whatd i ever do to you?
or not do?

have you heard of the supercookies hidden in browsers. just waiting for execution. no one knows why they’re there, or when they’ll take over. first reefer madness, now this. when will it all end

No, but I heard of the SuperDevil.

I have not heard of either, but I just found out that if I need tile installed in El Paso, there is someone on this forum that does such a thing. https://budgetlightforum.com/t/-/9150/312 That’s good to know. I should bookmark that, just in case I ever have a tile installation need in El Paso.

By the way, please don't report my spammy link. It is not spam, even though it smells/reeks like spam. Can I add a spammy signature link? I guess it's entiley up to me.

------------------------

www,prescottpedestriandefenseforce,com

Funny, the link takes me right back here to BLF, and when pasted directly into the URL bar it does a Google search… :smiling_imp:

That's amazing how that happened! I wonder what kind of powers could have overcame that poor helpless external link?

------------------

BLF GT94: Still rocks!