21 replies to this topic

[mjjw]

When I signed up for DevMaster, as I do with all sites I used an e-mail address unique to this site (I have unlimited email addresses so I use a different one for each site I ever sign up for).

About 10 minutes ago I received spam to that e-mail address. The only thing this e-mail address has ever been used for is to sign up this this site (and was created specifically for that purpose).

Can anyone from this site explain how the spammer got my e-mail address?

The spam had a from line of : Annerose Weiß and a reply address of kingvljoensnyders@gmail.com

Has any other site member had the same spam?

[Sol_HSA]

Yup, got one. Seems like a standard "there's billion dollars of yours here, you can get it if you give us money first"-scam.

[Nick]

mjjw said:

Can anyone from this site explain how the spammer got my e-mail address?

Some spambots simply keep guessing e-mail addresses. There are even commercial e-mail 'broadcasting' applications to 'expand your markets'.

Unless your e-mail address consists of completely random characters, it's not that hard to find for a spambot that uses some succesful patterns... :sad:

[Reedbeta]

Hmm, I got the same message...

EDIT: I'm following up with Dia to see if there might have been some intrusion.

[zebeste]

Got one also (actually two, one about a week ago). I was wondering how they got my email address.

[Grumpy]

Nope... didn't get any ... Just the same ol' Viagra adds in my spam box.


Grumpy

[starstutter]

Man this is strange, I got the exact same type of message this morning.

[SmokingRope]

I got one too. Perhaps we will all be billionaires soon. :lol:

[Dia]

Hmm...I received the same spam message to my email too, but I also received one to my non-devmaster emails. I wonder how we can find out if some hacking attempt occurred, or whether this is one of those random mass-email spams...

In any case, we'll investigate and analyze the log files to find out if anything suspicious is going on. Thanks for bringing this to our attention.

[monjardin]

I got the message from "Annerose Weiß" today too. I thought it was odd because stuff like that hardly ever gets through my spam filter.

[mjjw]

Reedbeta said:

Hmm, I got the same message...

EDIT: I'm following up with Dia to see if there might have been some intrusion.

Thankyou! Please keep me posted.

[hovermonkey]

I too got the Annerose spam along with some other 419 scams. They are using my previously registered email address (devmaster@... so it's obviously this site they got it from) instead of my new one. I was using that address between Sept. 2006 and Sept. 2008, if that helps.

[dannthr]

When I was young, I used to have decoy hotmail addresses that I would use for crap stuff if I ever needed an address and I didn't want to give people my regular address.

One of the hotmail addresses I had never used, for some reason I checked it and was warned that if I didn't use it, hotmail would delete it, so I sent a decoy email from my personal aol address.

After that, the hotmail account started receiving steady spam. Enough to keep it open and "in-use."

How, I don't know.

[roel]

monjardin said:

I got the message from "Annerose Weiß" today too. I thought it was odd because stuff like that hardly ever gets through my spam filter.

I second that. This was actually the first one that slipped through my ISP's spam filter.

Maybe it is all a coincidence, but there really appears to be a relation with devmaster.

[Nils Pipenbrinck]

Just for the statistics: I got the email as well.

[LeGreg]

Nick said:

Some spambots simply keep guessing e-mail addresses. There are even commercial e-mail 'broadcasting' applications to 'expand your markets'.

Unless your e-mail address consists of completely random characters, it's not that hard to find for a spambot that uses some succesful patterns... :sad:

huh no they can't guess that easily. If an address is only used in one place (say devmaster forum) and not of common aliases (webmaster@, info@, sales@ etc) I don't see how they could guess that one. Else how come they don't guess other aliases that are used on other websites.

I think the devmaster site has been compromised. It's not uncommon with those packaged forums (phpbb, vbulletin etc).

I've got one too from "Sport2plus".

[Dia]

From the investigation performed, it looks like the database has been compromised through a specific site script (not related to the forums - the security level of the forum software we use is known to be pretty high. In any case, I've applied the latest security patches to the forums).

Security is taken very seriously; we have had many measures on the server to prevent things like SQL injections and so on. But unfortunately, it looks like a loophole was found. It has been patched now.

In the next month or so, we'll update the forums software to ensure we have the latest security features (as well as the latest cool forum features).

Our sincere apologies to everyone for this mishap. Rest assured however that the only sensitive information we have in the database are the emails. The passwords are stored in encrypted form, so they are perfectly safe.

Hopefully, this will not happen again.

[dannthr]

Well, thanks for keeping us posted and informed.

[.oisyn]

For exactly this reason I use separate e-mail adresses and passwords for each site I need to have an account for. Not that I don't trust the sites, but simply to be protected in the event security is compromised.

Unfortunately, I registered to devmaster before I started to apply this policy :/

[monjardin]

.oisyn said:

Unfortunately, I registered to devmaster before I started to apply this policy :/

Me too. :(