
Major hack

22 Posts
9 Users
1 Likes
85 Views
Thane Lewis
(@thane-lewis)
Posts: 172
Moderator
Topic starter
 

I just logged in this morning and found a Chinese hacker has gotten through the login process then proceeded to dump over 300 new discussion topics into the General Discussion forum.

I have banned the user so that particular bot can't post any more and Jerry will need to work on clearing out their trash.  Hopefully we can get things cleaned up today.

Thane

Illegitimi non carborundum est!

 
Posted : April 11, 2024 2:41 am
(@webmaster)
Posts: 136
Admin
 

Ok, I see now, good job banning the user. I also forcibly logged him out to stop the stream. Actually it's not a "him", it is an automated "bot". And yes, I will clean it all up with some tools I have. I'll be home in an hour or so.

A very strong argument for moving to a new forum application!

Jerry

Jerry
I fly (and ride) to free my mind from the tyranny of petty things. Antoine de Saint-Exupéry

 
Posted : April 11, 2024 3:15 am
(@miles-ladue)
Posts: 352
 

Thank You to both Thane and Jerry for catching this, and taking care of business.

On the humorous side of life.....our website is all about "hacks"....so there is some levity in the fact that...we've been hack'd.

Two Million Mile Rider...All 7 Continents
Exploring the World in Comfort

 
Posted : April 11, 2024 4:33 am
norton,kel reacted
(@webmaster)
Posts: 136
Admin
 

Ok, all the offending posts should be cleaned up now. Here are a few thoughts from this experience: 

First, thank goodness I have several moderators who are engaged and have the ability to see and take action on events like this. I can't always be available so I need extra eyes who can assist. Good work by Thane to see this early and ban the user. 

Second, it is not enough to ban the user. A ban prevents a user from logging in, but if they are already logged in they can continue to post, as we saw this morning. What has to happen is the user must be forcibly logged out which is an administrative function. I will research and see if that particular function can be delegated to moderators. 

I have put some code in place to automatically log out any new users once they create an account. However, the code does not prevent them from turning around and logging right back in, as this 'bot' did this morning. Another aspect of this is our current forum software does not respect the authorization process of the content management system (CMS, WordPress). It is not sophisticated enough to provide options for an administrator to control new members and their ability to post. 

My last point is this cannot happen again! This was ugly but is not the worst thing that could happen. We have had many posts in the past where a bot has posted a relatively simple statement that included some kind of hyperlink. My greatest worry is that one of our users who may not be as aware of these hazards as most of us might click on that link. They might be taken to some kind of "Microsoft Support" scam, or an identity theft scam, or a 'cross site scripting' attack that would inject their computer with a virus. 

Most of the readers here do not know that I proposed a new, replacement forum application just a few weeks ago. I invited 10 people to test it which went very well. It looks different but it is a more advanced system, and it would prevent this kind of thing from happening. The admin (me) and the moderators could prevent users from creating accounts until they are manually approved (after verifying their IP location). All users would be prevented from posting links and images until they have posted at least 3 times. 

I proposed the replacement to the USCA Board of Directors who will meet soon to discuss this. After this event today, from my perspective, this is no longer optional. This change to a new forum application MUST happen. The only decision by the board, IMHO, is for them to approve the costs. It will take me another week or so to clean up and prepare the new forum software but it will happen soon. 

Respectfully, your humble webmaster and digital janitor, 

Jerry

Jerry
I fly (and ride) to free my mind from the tyranny of petty things. Antoine de Saint-Exupéry

 
Posted : April 11, 2024 6:14 am
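The two points in the post above (a ban that only blocks the next login leaves an existing session alive, and an auto-logout at registration alone lets the account log straight back in) can be made concrete as a small WordPress must-use plugin. This is an added example, not the forum's code or the webmaster's own script; the `sidecar_` function names and the two user-meta keys are assumptions, while the `user_register`, `authenticate` and `init` hooks and the `WP_Session_Tokens` class are WordPress core APIs. It models the "manual approval before posting" measure described for the replacement forum as a hold flag set at registration.

```php
<?php
/**
 * Added example (not the forum's or the webmaster's own code): a WordPress
 * must-use plugin showing why a ban must also revoke live sessions, and why
 * an auto-logout at registration needs an approval hold behind it.
 *
 * Assumptions: the meta keys and the "sidecar_" function names are
 * hypothetical. Everything else is WordPress core.
 */

// Hypothetical user-meta keys.
const SIDECAR_META_BANNED  = '_sidecar_banned';
const SIDECAR_META_PENDING = '_sidecar_pending_approval';

/**
 * Ban a user: flag the account AND destroy every session token it holds.
 * The flag only blocks the next login; a bot that is already logged in
 * keeps posting until its existing session is destroyed as well.
 */
function sidecar_ban_user( $user_id ) {
    update_user_meta( (int) $user_id, SIDECAR_META_BANNED, 1 );
    WP_Session_Tokens::get_instance( (int) $user_id )->destroy_all();
}

/** Moderator-side approval: clears the hold placed at registration. */
function sidecar_approve_user( $user_id ) {
    delete_user_meta( (int) $user_id, SIDECAR_META_PENDING );
}

/** True when the account is banned or still waiting for approval. */
function sidecar_user_is_blocked( $user_id ) {
    $user_id = (int) $user_id;
    return (bool) get_user_meta( $user_id, SIDECAR_META_BANNED, true )
        || (bool) get_user_meta( $user_id, SIDECAR_META_PENDING, true );
}

// 1. New accounts start on hold and are logged out immediately. The hold is
//    what stops them logging straight back in; the logout alone does not.
add_action( 'user_register', function ( $user_id ) {
    update_user_meta( (int) $user_id, SIDECAR_META_PENDING, 1 );
    WP_Session_Tokens::get_instance( (int) $user_id )->destroy_all();
} );

// 2. Refuse logins for banned or unapproved accounts. Priority 30 runs after
//    core's password check, so $user is a WP_User only for valid credentials.
add_filter( 'authenticate', function ( $user, $username, $password ) {
    if ( $user instanceof WP_User && sidecar_user_is_blocked( $user->ID ) ) {
        return new WP_Error( 'sidecar_blocked', 'This account is not permitted to log in.' );
    }
    return $user;
}, 30, 3 );

// 3. Defence in depth: on every request, eject a logged-in user whose flag
//    was set after their session was issued (covers sessions that predate
//    this code, or a ban applied without calling sidecar_ban_user()).
add_action( 'init', function () {
    if ( is_user_logged_in() && sidecar_user_is_blocked( get_current_user_id() ) ) {
        wp_logout();
        wp_safe_redirect( wp_login_url() );
        exit;
    }
} );
```

Dropped into `wp-content/mu-plugins/`, the file loads on every request without activation. The `init` check is the piece that matches what happened in the thread: banning the account in the forum plugin's own UI does not touch WordPress session tokens, so without a per-request check (or an explicit `destroy_all()`) the bot's session keeps working until it expires.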
(@webmaster)
Posts: 136
Admin
 

An unfortunate side effect of these spammy posts is, if you are subscribed to the 'General Discussion' forum, you received over 300 emails in your inbox, like me. Depending on your email system, you can search or filter for the subject line "Sidecar Forums: New Topic" and mass delete them. If you need help in cleaning up send me an email. 

And FYI, all these posts in Chinese are variations of the theme, "Agent for Carleton University graduation certificate, purchase transcripts, purchase fake diplomas, purchase fake degree certificates, manufacture fake foreign university diplomas, diplomas, graduation notarizations, graduation certificates, completion certificates, admission notices, Offer, certificate of enrollment, IELTS TOEFL transcript, fake diploma, fake graduation certificate and CU transcript. Apply for leave letter certification online (checkable) WSE certification"

Jerry

Jerry
I fly (and ride) to free my mind from the tyranny of petty things. Antoine de Saint-Exupéry

 
Posted : April 11, 2024 6:27 am
CCjon
(@jan-2)
Posts: 996
Moderator
 

A HUGE THANK YOU to Thane and Jerry for catching this invasion and stopping it. What might now look like innocuous spamming could have been much worse for our members and for our Forum.

This spam started showing up around 3 AM and continued every few minutes, over and over and over again for more than four hours until Thane and Jerry could shut it down.

The Board will meet this Saturday and take action on this matter. Spammers are getting more and more sophisticated and dangerous in their methods.  We will take steps to secure our Forum and protect our members from these invaders.

Jan Daub

USCA President

 
Posted : April 11, 2024 7:47 am
(@metalcarver)
Posts: 38
 

It's good we have young level-headed people to deal with challenges.  Some of us have aged into the category where "life in prison" has no deterrent effect at all.

 
Posted : April 11, 2024 8:05 am
(@webmaster)
Posts: 136
Admin
 
Quote from metalcarver on April 11, 2024, 1:05 pm

"Some of us have aged into the category where "life in prison" has no deterrent effect at all."

As Larry the Cable Guy would say, "Now that's funny, I don't care who you are!"

Jerry
I fly (and ride) to free my mind from the tyranny of petty things. Antoine de Saint-Exupéry

 
Posted : April 11, 2024 8:25 am
(@ned)
Posts: 475
 

I just logged in today at 4pm Eastern time which is 1pm local time, and saw this thread.

Wow!  Kudos to you guys!

When we move the forum to the new platform, and somebody complains about some minor nit, I'll have no sympathy. 

Have owned 5 rigs but Rig #2 is my current one!

 
Posted : April 11, 2024 10:08 am
(@scott-h)
Posts: 189
 
Quote from metalcarver on April 11, 2024, 1:05 pm

It's good we have young level-headed people to deal with challenges.  Some of us have aged into the category where "life in prison" has no deterrent effect at all.

I laughed so hard!  Thank you!  🙂

Shout out to our Moderators and Web Master.  You guys rock!

Hold my keyboard and watch this! 🙃

 
Posted : April 11, 2024 11:26 am
(@smitty901)
Posts: 614
 
Quote from Viajero on April 11, 2024, 8:15 am

Ok, I see now, good job banning the user. I also forcibly logged him out to stop the stream. Actually it's not a "him", it is an automated "bot". And yes, I will clean it all up with some tools I have. I'll be home in an hour or so.

A very strong argument for moving to a new forum application!

Jerry

Agree fully. Time has come for it.

 
Posted : April 11, 2024 4:22 pm
(@smitty901)
Posts: 614
 

This latest attack will return. That was a "let's see if we can find a weak spot somewhere."

 
Posted : April 12, 2024 1:21 am
(@smitty901)
Posts: 614
 
Quote from DRONE on April 11, 2024, 3:08 pm

I just logged in today at 4pm Eastern time which is 1pm local time, and saw this thread.

Wow!  Kudos to you guys!

When we move the forum to the new platform, and somebody complains about some minor nit, I'll have no sympathy. 

Now just how many here read that and are wondering what the heck this new platform stuff is?

 
Posted : April 12, 2024 12:47 pm
(@miles-ladue)
Posts: 352
 

Well.....I know......but I will only tell you if your sidecar rig can catch my BattleWing Galactica on Hwy 50 in Nevada. 

Two Million Mile Rider...All 7 Continents
Exploring the World in Comfort

 
Posted : April 12, 2024 1:35 pm
(@jim-g)
Posts: 5
 

Was it just spam or was that a diversion while they mined data? Any detriment to those who were logged on at that time?

 

 
Posted : April 12, 2024 2:13 pm
Page 1 / 2