Hacker try to steal money from my account

[kit]

One prick hacked my account on the sponsor (I'm sure due to the relativily simple password, not because sponsor database has been hacked)

And changed payment info to this (payment by Check):

Company Name: Imantas Liudkevicius
First Name: Imantas
Last Name: Liudkevicius
Address Line 1: Liudo Giros 82-26
City: Vilnius
State/Province: LT
Zip Code: 06315
Country: Luthuania

Check your info, may be you ripped off too.

[Chop Smith]

That sucks.

Was Lithuania a part of the former Soviet Block?

[Halfdeck]

Hey Kit,

thanks for the heads up. BTW, I usually type long string of jibberish for passwords, like 8sbw9g2nftDFaDz32.

[kit]

Yes, I changed all paswwords to the unique.
Yes, the Luthuania is the former soviet republic.
BTW, I had a similar problem a month ago, the address has been switched to the Netherlands address.

[eman]

I've not yet had a problem with sponsor accounts but I'm continually surprised at how many email spammers know the names of the people I regularly talk to.

[Linkster]

Kit - it would probably be a good idea to post the sponsor as there have been cases in the past where a sponsors database has been hacked - it would let us check without going through 100s of sponsors

[ronnie]

Quote:

Originally Posted by Linkster

Kit - it would probably be a good idea to post the sponsor as there have been cases in the past where a sponsors database has been hacked - it would let us check without going through 100s of sponsors

Great Idea, I agree..

ronnie

[flyeruk]

That would be great

Took me all day to change my info when I was moving house... lol

Lisa

[kit]

I'm sure, there is not a sponsor side problem. The only thing i can tell you, it's a NATS script. But I'm sure, there is not a database hacking. I discussed this problem with Nathan (NATS) and he promised to implement the new strict rules for the payment info changing ASAP. The problem in some new affiliate solutions, they don't send notifications by e-mail about payment info changes. There is a key feature for every program fighting the hackers activity.

[kit]

Payment info must be locked after submit, at least partially locked and send verification ot notification to the original e-mail address.

[Linkster]

Kit - I know that you want to believe that - but any program can be hacked - and it wouldnt surprise me one bit that Nats has already been hacked many times - it would be helpful to the rest of us to know which sponsor it is so we can check to make sure that it wasnt just you that had their info changed - nothing against any sponsor - just good info

[kit]

Because two different accounts has been hacked, I'm sure, it's not a sponsor related issue.

[juggernaut]

All I can say is pass phrase pass phrase pass phrase. Most of the time I use a simple password for things I really dont care about, but for important things it's one of two. 11 char, #'s and sym's (I have had one that I use for the past 4 years and every program I run on it takes 5 days and it only gets 1/2 the password) the 2nd more secure goody I like to use is a pass phrase like. IE: IwasBorninacroSSfirehuricain@12:10Am
If they can crack a pass phrase they deserve you stuff.

[DangerDave]

Kit, in the words of some great people that went before me - shit or get off the pot!

You have no problem naming the scammer in this thread, or disclosing privileged information in your DMOZ thread, so name the goddamn sponsor, so we can check and get back to work..

DD

[Chop Smith]

gnats - annoying flies

[garry]

Quote:

Originally Posted by kit

One prick hacked my account on the sponsor (I'm sure due to the relativily simple password, not because sponsor database has been hacked)

And changed payment info to this (payment by Check):

Company Name: Imantas Liudkevicius
First Name: Imantas
Last Name: Liudkevicius
Address Line 1: Liudo Giros 82-26
City: Vilnius
State/Province: LT
Zip Code: 06315
Country: Luthuania

Check your info, may be you ripped off too.

I will use my first post here on this great board to say thank you to “Kit” from www.porninspector.com for contacting me and making me aware of this issue. We have now added this to the MPA3 source and
we will automatically upgrade all running mpa3s with this feature when we do our next scheduled upgrade.

Or if any program want this added earlier we are happy to do that up on request!

So again, thanks Kit for bringing up this issue, and if anyone have any other feature requests be sure to let me know. We are here for you !

[garry]

Oh, forgot to mention, we went a step further too, we also added brute force protection as well. If someone tried to log in to your account using the wrong password 3 times or more the account get closed for 2 hours and you will be notified by email.

[Mattinblack]

Sigh. I have lost count of how many times I have read threads like this on adult and non adult webmaster forums. We live in an age where every company that has a financial payments side to it is capable of being targetted by hackers worldwide, many of the Soviet Mafia hackers have KGB/GRU info war training and a data stick in their back pocket full of hack utilities from the soviet military.

In a previous life I was in charge of all aspects of a large installation and most of the security holes that were exploited had nothing to do with scripts on servers or database security as such. They were mostly Windoze vulnerabilities. The worst problem we had was a guy we simply could not trace for weeks. It turned out that he had taken over a humble PC that was used by the artwork department to process batches of image files.

Of necessity it had its own internet connection and when the system was designed was not connected to our intranet. Some bright spark decided to run an ethernet cable and connect it so that he could backup files onto our main server instead of burning optical discs. The hacker had zombified the PC, run a packet sniffer and a trace utility to map our network and headed straight for accounts.

Luckily we were running our accounts on a legacy HP mainframe and not a PC system, he was obviously all at sea and made some mistakes. If it was a Windoze or unix system we would probably stil be scratching our heads.

The learning outcome of this decision was that I have decided to firewall ANY secure data behind the wierdest and wackiest hardware/software I can find with lots of security logging and audit trails. Hint there are a lot of old but perfectly servicable Dec Minis out there .....If there is only one access pipe and its monitored and logged for any suspicious activity then it can be stopped before too much damage is done. The trouble with using Windoze and unix boxes for this activity is that there are too many unpatched security holes that are well documented and with exploits written for them. Who is to say the machine doing the watching is not itself compromised? If the machine monitoring and controlling the pipe is one which few people know anything about then its much more secure.

[kit]

Quote:

Originally Posted by Mattinblack

many of the Soviet Mafia hackers have KGB/GRU info war training and a data stick in their back pocket full of hack utilities from the soviet military.

The pure predujice. After USSR crushing, many people morally degraded especially teenagers in their 10 y.o. They are the real hackers and carders, their average age is 18-25 years now. They're still here because the weak state. But I hope (and really see during last years) how they getting screwed!

There is a big problem with Eastern Europe and Asian countries.

[Mattinblack]

Quote:

Originally Posted by kit

The pure predujice.

No prejudice intended Kit. This is from experience and advice from UK law enforcement.

Quote:

Originally Posted by kit

teenagers in their 10 y.o. They are the real hackers and carders, their average age is 18-25 years now.

Yeah they can get into sites that have little or no security. However the attacks on the well secured big-money sites are nearly all organised crime, and those are nearly all Russian Mafia, and they employ nearly all ex KGB/GRU Information Warfare specialists. This is what was patiently explained to me a year ago by the deputy head of Londons Scotland Yard Computer Crime division after a site with state of the art security and storing a few thousand sets of personal financial details was comprehensively trashed.

We had insurance but our concern was 'where was the hole in our security' the worrying thing was all three experts we hired plus the polices own expert concluded there werent any. The even more worrying thing was that the police had at least 2-3 cases like this a month in the UK alone. The IP addresses all traced back to the same server which was on a dial-up line physically located in the Ukraine but was mobile on the trunk network (ie that too had been hacked and whenever you try to trace a number the software reports a different one back).

[urb]

Quote:

Originally Posted by Mattinblack

This is what was patiently explained to me a year ago by the deputy head of Londons Scotland Yard Computer Crime division ...

Interesting circles you move in, to be sure.

[Mattinblack]

Quote:

Originally Posted by urb

Interesting circles you move in, to be sure.

I used to work for a *big* company in the UK before I went freelance Urb. When you have big and very public problems that make the national press then you do what you gotta do! Hell if I thought it would have helped I would have brought in the SAS and a squadron of Royal Corgis!

Eventually got so stressed out that my doctor said ;
'change jobs or else'

[Papa]

Quote:

Originally Posted by kit

The pure predujice. After USSR crushing, many people morally degraded especially teenagers in their 10 y.o. They are the real hackers and carders, their average age is 18-25 years now. They're still here because the weak state. But I hope (and really see during last years) how they getting screwed!

There is a big problem with Eastern Europe and Asian countries.

I'm afraid to say that they won't dispear. Imagine the "skills" of a 25year old guy if he started in this shit 10 years ago
Wow, i'm sure he could hack anything !

[DJilla]

Quote:

Originally Posted by Mattinblack

It turned out that he had taken over a humble PC that was used by the artwork department to process batches of image files.

Of necessity it had its own internet connection and when the system was designed was not connected to our intranet. Some bright spark decided to run an ethernet cable and connect it so that he could backup files onto our main server instead of burning optical discs.

I gotta say, that everything you've posted here is so completely correct and "classic" that I was almost doubting you didn't just lift this from a book.... up until you mentioned using a PDP as a front end which is really quite a clever, cheap and innovative idea. OK... I believe you! (not that I think you care). What I don't get is why you'd leave the leading edge field of security for this stuff? Stress...?!!!>><??! Agggh... buck it up soldier!

[Mattinblack]

Was hardly on the leading edge of security Urb- just managing the companies web business. Also happento be a bit of a techie.

As for why... my doctor told me if I did not fin a less stressful career then my life expectancy would be measured in months rather than years. Adult is not all that I do - I enjoy the variety of work!

Matt