Someone Used My Account

Yoko · Post Post #0 (ISO) » Wed Mar 17, 2004 8:07 pm

It was quite obvious. When I got onto the site I noticed my name at the bottom of the screen. I thought nothing of it at first until I scrolled up and saw I wasn't logged into mafiascum. I refreshed then looked again my account name was still listed along with 2 guests.

I quickly logged on and made a thread about it. Then immediatly logged off. I was still showing as if I was logged on but the mafiascum screen on my computer asked for a user name and pw. I posted as a guest then checked again my name was still down there. I tryed to get anyone that was on the site to see it but doubt anyone noticed. I refreshed and refreshed until around 3-5 min later when I was no longer logged on but there was an additional guest.

I theorized that my account may have been slow but I soon found out that the instant I logged off every time after that I was no longer shown below. The only possible way was someone was on my account.

jeep · Post Post #1 (ISO) » Wed Mar 17, 2004 9:49 pm

The list below shows everyone who has been logged on within the last 5 minutes or so... And there are some login issues, so it's more likely that the cookie was set but the session variable wasn't right...

Change your password just in case.

-JEEP

d8P · Post Post #2 (ISO) » Wed Mar 17, 2004 10:24 pm

This happens a to me a lot. I've wandered off to other sites, closing the window, come back after an hour or more, and clicked the "find posts since my last visit" button, to find the newer posts just added onto the list I'd seen more than an hour previously, not a new list as you'd expect. When this happens it means scum hasn't registered the visits separately, i.e. that it hadn't logged me off.

[edit to try and make sense. I give up now ~shrug~]

sk · Post Post #3 (ISO) » Thu Mar 18, 2004 12:37 am

hey, check that! i was right!

*does a little dance*

however- mmmm.... cookies

YK · Post Post #4 (ISO) » Thu Mar 18, 2004 6:22 am

Ok sorry

YK · Post Post #5 (ISO) » Thu Mar 18, 2004 9:44 am

So strange I still show that I'm online wierd.

YK · Post Post #6 (ISO) » Fri Mar 19, 2004 7:53 am

Seems again that I am online but offline weird these things are only happening when one other person is logged on. Coincidence???

jeep · Post Post #7 (ISO) » Fri Mar 19, 2004 7:57 am

How long have you been logged off? Did you clear your cookies? Did you change your password? Do you auto-login?

In order to use your account, the person would have to know your password and even I can't do that. Passwords are stored as a MD5 hash. MD5 is a one way algorithm that, as far as I know, hasn't been cracked yet.

We do have the latest patch applied to phpBB, and no new security warnings have been issued.

Search for your posts and see if there are any that you didn't make...

-JEEP

YK · Post Post #8 (ISO) » Fri Mar 19, 2004 8:18 am

Ok I'll try that

jeep · Post Post #9 (ISO) » Sat Mar 20, 2004 1:13 am

My mistake, there was a security warning posted 2 hours before my last post that could be related to this:

Code: Select all

We've been notified of a flaw in search.php. This, under the right circumstances with certain server versions be exploited to obtain password hashes.

Even assuming we've been hacked, once the person gets the hash, unless you use a dictionary word, it still takes a lot of work to determine what your password it.

I will apply the security patch this weekend and will recommend that everyone change their password in a global announcement.

-JEEP

mathcam · Post Post #10 (ISO) » Mon Mar 29, 2004 4:03 am

On an amusing tangentially related side note, I just had an amusing chat with myself (mathslamm Mod and mathcam) in the chat room, so anything's possible, Yoko.

Cam