It seems we've had a flood of spambots spamming via PM's last night. If you've been a victim of this, please post the username of the spammer here and we'll take action. Current reported names are:

aliveli
byroncline
colls
baros
aliveli
balaclava
baddaboom


Thanks.

abdefg. Or was it abcdefgh? Can't remember now.

Boogie sent me a message about some website or other, I guess it was spam as this user hasn't posted anything since 2004

http://forum.team17.co.uk/member.php?u=7488
(0010010101)

barosanu (http://forum.team17.co.uk/member.php?u=46293)

....

buddaboom, but he's banned already. :p

306S16- Some sort of link to a youtube thing, virus?

aaaa

*Sings the Spam song*

aaaaa

(One a more than GrimOswalds spambot)

I got one from alden http://forum.team17.co.uk/member.php?u=59101

I got one from bugmenot.

aaaaa

(One a more than GrimOswalds spambot)

I'm pretty sure that was mine as well.

Guy named bauser.
Spelt like this: bauser

Was sent a link to (What I think is) a perverted picture. (Don't know for sure because I Never clicked on the link)The Same thing happened to Muzer. Was got by Avimak. Another person called Dule93 Requested a Patch for Worms41.1 in exchange for a dangerous drug.

I got one from Collins. Oh, wait, I think you know it already.

bernholdt (http://forum.team17.co.uk/member.php?u=66198)
the subject was something about "uncenzored websites" that i didn't bother to read
:p

Right, hopefully most of them have been banned now and restrictions on PM's are now in place


Edit:

It seems there's too many to ban, so I won't bother - some have been IP banned so won't actually show up as banned to members... However, any members without any posts won't be able to send PM's until they have a certain number of postsl. I'll leave this thread open for a bit - any other problems relating to this, please post in here!

i got something from bob1

I don't suppose you care about my guy then?

http://forum.team17.co.uk/member.php?u=70703

His name is 331319.

all these names sounds like passwords

306S16- Some sort of link to a youtube thing, virus?
worse. viagra adds. at least, i can find a use for a computer virus.

I got spam from chuchadas

Unlucky my spammer has the coolest name. :cool:

Edit: Oh and Shadowmoon too ;)

i got some video about tube trick or something

about porntube video

I got one from bugmenot.So did I.

Link to his profile. (http://forum.team17.co.uk/member.php?u=42954)

I got one from thomasp.







I kid, I kid. :P

So, I can log in somewhere with one of these spam accounts using the username as the password so I can IP ban everywhere I want?

I got one from bob20.

We should put a captcha or whatever it's called in the signup page.

Y'know, that thing where you type the letters you see?

You misseed the point - the bot appears to have hijacked existing accounts with poor passwords, thereby getting around the whole signup process. A captcha would only work on the sign in page which would be terribly annoying or the send pm page which would be even more annoying to deal with than the once off spam.

And I seem to recall AndrewTaylor writing something about how captchas fail, but I can't seem to find it.

You misseed the point - the bot appears to have hijacked existing accounts with poor passwords, thereby getting around the whole signup process.
yeah. checked some of the signup dates, and the accounts were created way before the attack. this makes me sad, but also very curious. i think, a search for such accounts on other forums might prove to be of tactical interest.

on a side note, what they need to do to prevent this is limit number of login attempts.

Well, i haven't had any more overnight and the spammers haven't been on. So is that sorted once and for all?

I got one from thomasp.







I kid, I kid. :P

*Bans*

We should put a captcha or whatever it's called in the signup page.

Y'know, that thing where you type the letters you see?

There already is one. But these are very easy to overcome, hence how we sometimes have spambots attack the forum, as with some simple coding you can easily "break" a captcha. All of these problems have occurred by people having insecure passwords.

Well, i haven't had any more overnight and the spammers haven't been on. So is that sorted once and for all?

With a bit of luck.

yeah. checked some of the signup dates, and the accounts were created way before the attack. this makes me sad, but also very curious. i think, a search for such accounts on other forums might prove to be of tactical interest.

on a side note, what they need to do to prevent this is limit number of login attempts.

It's already limited isn't it? If you fail 5 times then you have to wait 15 minutes before being able to login again.

balaclava

That user sent me a PM last night linking somewhere and the title was something about illegal Youtube.

I deleted the message immediately.

The reason there were previously-logged-on accounts that were used to send the spam was most likely because the first spambot infected the other two. With a quick test of my anti-virus program, that website is just packed with trojans. My best guess is key loggers.

The reason there were previously-logged-on accounts that were used to send the spam was most likely because the first spambot infected the other two. With a quick test of my anti-virus program, that website is just packed with trojans. My best guess is key loggers.
Unlikely, since the previously-logged-in accounts hadn't been used in years. Most of them had zero posts or at most one or two. The accounts also appeared to have very easily-guessible passwords.

Oh.

Okay then. Must've just been bad luck, I suppose.

I think spambots invaded and Dream17, because my protecting service says it has a virus! :eek:

Spam recieved from anything (http://forum.team17.co.uk/member.php?u=28014).

I haven't had one, thanks to BW.

I just hope T17.tk doesn't get the spammers....

I got one from bugmenot.

Something very fitting about that given the basic idea behind bugmenot.

Ok, just a few things to say, all the accounts afaik have the same username as password, also, bugmenot is actually a service to get around mandatory registrations, and so should be banned, as should everything on the bugmenot website.

... which is why every bugmenot account is banned on this forum, and we regularly check them and ban new ones.

However, bugmenot won't let us ban the forum from their database, since that breaches their Ts&Cs.

I got one from someone who was either called 000 or 0000, I don't remember.

I got one from "coleman" while I was on holidays.

However, bugmenot won't let us ban the forum from their database, since that breaches their Ts&Cs.That seems to make little sense considering what happened.

How can removing your forum from their database breach their Terms of Service and Conditions?

As far as it appears, they are violating this board's Ts&Cs by bringing spammers to this board that are attempting to steal confidential information.

That seems to make little sense considering what happened.

How can removing your forum from their database breach their Terms of Service and Conditions?

As far as it appears, they are violating this board's Ts&Cs by bringing spammers to this board that are attempting to steal confidential information.

Because if you read their T&Cs you'll see that it states you're not to abuse the privilege by spamming forums and the only sites they do block (prevent you adding usernames) are sites where you have to pay to register and sites like Facebook where it's full of private data. Bog standard internet forums like this one, according to their T&Cs are allowed to be added to the site and if you use their blocking tool, they'll remove it.

Bugmenot don't violate this forum's T&Cs by bringing spammers, it's the specific user account (and therefore user) that violates the T&Cs. If someone DDoS'd this forum using a bugmenot account, most likely only the specific user could be sued, not bugmenot.


And also, what confidential information is there in this forum? Everything's viewable by non-registered users (bar fanart). If you're foolish enough to enter your credit card/bank account details into a scammer's site, then you deserve to be scammed :p

Abuse aside, I quite like BugMeNot, otherwise I'd need an account on every site I decide to even read or download something from (because there are plenty of forums that don't allow guest reading and I'm not buying into every site's marketing schemes :p)

It'd probably be better if BugMeNot only kept one account per site though, otherwise they'll easily attract misuse.

I got some spam from AEP about a week back that I only just noticed.

I got some spam from AEP about a week back that I only just noticed.

WHEN did you get back? <3

I just then, got some spam email (it does not seem to be from team17 but says it is) and the title/message is:

Title: Siir Physc @ Team17 Forum (DOOLENCAPUTOL@student.jpc.qld.edu.au)

Message: This is a message from Siir Physc at Team17 Forum
( http://forum.team17.co.uk/index.php ). The Team17 Forum owners cannot
accept any responsibility for the contents of the email.

To email Siir Physc, you can use this online form:
http://forum.team17.co.uk/sendmessage.php?do=mailmember&u=94040
OR, by email:
mailto:DOOLENCAPUTOL@student.jpc.qld.edu.au

This is the message:

its funny because your a douchbag want to have sex/i like cocks and i like to show my big ass titties

Big ass titties!
Where's the problem?

Oh yes.... the PM spambots can still spam emails...

Hmm, I can't remember which address I even use.

Oh yes.... the PM spambots can still spam emails...
They shouldn't be ably to spam emails via Team17 forums since they can't log in to do so (banned and all that stuff ya know?).

They shouldn't be ably to spam emails via Team17 forums since they can't log in to do so (banned and all that stuff ya know?).

Wrong.


It seems there's too many to ban, so I won't bother - some have been IP banned so won't actually show up as banned to members... However, any members without any posts won't be able to send PM's until they have a certain number of postsl. I'll leave this thread open for a bit - any other problems relating to this, please post in here!

Meaning some of the spammers are still about, thus able to spam emails.

I tried logging into BugMeNot and I could indeed e-mail myself..

well, thats something the admin can look into... denying banned users various functions other then just browsing forums and replying to them.

well, thats something the admin can look into... denying banned users various functions other then just browsing forums and replying to them.
Franpa, banned users can't even log into their accounts! What the heck are you talking about?

well how on gods green earth, do they send emails to users via the team17 forum then? bleh im possibly just a bit confused because the guy that did spam me is possible not banned at all (Shadowmoon hinted at this).

Let me tell you again:

Some users haven't been banned. Why? because there's too many to ban.

Which means?

that they can click on your profile and email you freely, without a problem... well unless the user has specified they do not wish to be emailed. I'm going to choose to hide my email after i go off BW.

I suggest all of you worried about receiving spam do that.

So yes, i'd say its very likely your spammer hasn't been banned.

You could get around it by increasing the post/PM-moderation to include E-mails as well

You could get around it by increasing the post/PM-moderation to include E-mails as well

Maybe they can't do that?

I just then, got some spam email (it does not seem to be from team17 but says it is) and the title/message is:

That user has already been dealt with. And they were NOT a PM spambot, they just posted a load of offensive messages on the forum.

Oh yes.... the PM spambots can still spam emails...

No they can't. That user was not a PM spambot.

They shouldn't be ably to spam emails via Team17 forums since they can't log in to do so (banned and all that stuff ya know?).

That user sent the e-mail BEFORE they were banned.

Wrong.


Err, you're wrong actually :p
Meaning some of the spammers are still about, thus able to spam emails.

No, they can't. This spammer was totally unrelated to the others.
Some users haven't been banned. Why? because there's too many to ban.

Because alternative measures have been taken against the users involved in the PM SPAM ATTACK which prevents them from accessing their accounts. Also, just because their user status isn't "banned" doesn't mean they're not banned.

that they can click on your profile and email you freely, without a problem... well unless the user has specified they do not wish to be emailed. I'm going to choose to hide my email after i go off BW.

Any user can e-mail you freely as long as your settings allow it and their status isn't "Banned" or "Being Watched".

So yes, i'd say its very likely your spammer hasn't been banned.

That was a different spammer, and they have been banned.


Just because someone sends an abusive e-mail doesn't mean it's the same as pornospammers.

Maybe they can't do that?
Yes we can, and we don't want to.

Err, you're wrong actually :p

Oh, ok.

:(

LMAO, yea I thought I had mistaken what happened ^_^ thanks for clarifying.

Yes we can, and we don't want to.

:eek:

A double-post by a MODERATOR?!?

:eek:

A double-post by a MODERATOR?!?
*Bans wormgod for backseat moderating a moderator*

:p

Oh, yeah - whoops.





I should have reported you instead, shouldn't I? :rolleyes:

Oh, yeah - whoops.





I should have reported you instead, shouldn't I? :rolleyes:
Oh god, the irony..:p

A double-post by a MODERATOR?!?
*Bans wormgod for backseat moderating a moderator*
I should have reported you instead, shouldn't I?
Brilliant! :D