SWR Productions Forum _ SWR Comments Box _ PM Spam Bot

Posted by: JJ 17 Jan 2010, 15:06

The user "GooDFriend" sent me a spam PM, the contents as follows:

QUOTE
Hello friend, recommend you check your computer for viruses: http: //antivirus.effectmeds.com/JJ

Most likely a bot.

Posted by: Alias 17 Jan 2010, 15:07

Definitely a bot.

Posted by: Overdose 17 Jan 2010, 15:17

*Terminator voice* He won't be back.

Posted by: Wi-Ta 17 Jan 2010, 15:26

Still using his "Using Personal Messenger"
I did get 2 PMs from this bot

Posted by: D' WRTHBRNGR 17 Jan 2010, 16:16

Me too. Disposed of its PMs sent to me.

offtopic: I still get ads even as a user (is it just me, or is it already activated to all users?).

Posted by: Alias 17 Jan 2010, 16:17

Ads, wat.

Posted by: Thez 17 Jan 2010, 16:20

Got them as well, auto-deleted by Common Sense v1.0 tongue.gif

Posted by: The_Hunter 17 Jan 2010, 16:24

QUOTE (Thez @ 17 Jan 2010, 13:20) *
Got them as well, auto-deleted by Common Sense v1.0 tongue.gif


And that's what everyone should do. Nobody click that link unless you would like your system to be infected with god knows what.

Posted by: Rayburn 17 Jan 2010, 16:25

It sent me 2 PMs as well. Deleted them a few minutes ago.

Posted by: KamuiK 17 Jan 2010, 22:32

Bots are getting better these days are they not? He even has an avatar.

Posted by: Pickysaurus 18 Jan 2010, 2:58

Can you just set it up for email verification, usually stops them.

Posted by: huhnu 18 Jan 2010, 7:39

I thought email verification was already set up...

Maybe I'm just thinking of some other forum :S

Posted by: ComeOn225 18 Jan 2010, 16:18

Yeah, it sent me 2 yesterday. Put it on my ignore list.

Posted by: ΓΛPΤΘΓ 20 Jan 2010, 22:26

New spambot: luckkyman

Posted by: KamuiK 20 Jan 2010, 23:10

Good thing he is already banned.

Posted by: Pickysaurus 21 Jan 2010, 0:37

This must stop tongue.gif

Posted by: D' WRTHBRNGR 21 Jan 2010, 5:16

Damn, there's another one. Looks like the bots are getting more clever and learning lessons after their failed attempts. I hope the security here is not compromised though.

Posted by: Raven 21 Jan 2010, 10:38

yep got another one this morning!!!!

Posted by: Generalcamo 22 Jan 2010, 5:05

This is a virus invasion. Do not click on any link. Links and attachments should no longer be allowed in PMs. Too many trojans. Be prepared for an email wave.

Posted by: ComeOn225 22 Jan 2010, 6:00

ARGGGG!!!! TOOO MUCH BOTS!!!!! >=O

Posted by: Chyros 22 Jan 2010, 15:24

Umm, guys, you might want to switch to an Admin account approval system because we've had major amounts of bots come up to FS and it seems to have found its way to SWR now.

Posted by: Alias 22 Jan 2010, 15:43

Last I checked, it's always been admin approval here.

Posted by: The_Hunter 22 Jan 2010, 16:12

We have that, and I usually search Google with the emails used; it mostly filters out a lot of them, although the latest ones seem to be able to bypass most spam registration sites.

Posted by: KamuiK 22 Jan 2010, 16:30

This gets quite bothersome, is it not? Afaik the system here to be allowed to use the forum consists of admin approval. Other sites use the eMail approval. Why not use both? It might help.

Posted by: Alias 22 Jan 2010, 16:35

Well, the forum has been operating publicly for ~230 days, and there's 557 members. 557/230 is around 2.5/day which isn't that much of a hassle.

Posted by: Wi-Ta 22 Jan 2010, 17:43

QUOTE (The_Hunter @ 22 Jan 2010, 13:12) *
We have that, and I usually search Google with the emails used; it mostly filters out a lot of them, although the latest ones seem to be able to bypass most spam registration sites.

Funny thing is, when I googled the http://forums.swr-productions.com/index.php?showuser=685 text some days ago there was nothing.
Now, 4 days later, you get a completely different result.
This is quite disturbing.

Posted by: JJ 23 Jan 2010, 9:48

Now it took the name Pandut and is sending the same thing again.

Posted by: Pandut 23 Jan 2010, 11:07

QUOTE (JJ @ 23 Jan 2010, 7:48) *
Now it took the name Pandut and is sending the same thing again.

D:

That's not good.

Posted by: E.V.E. 23 Jan 2010, 15:28

I'd rather say Troll alarm.

- E.V.E.

Posted by: Wi-Ta 23 Jan 2010, 15:33

Don't worry
Moderator ph34r.gif S.W.A.T is on alert. tongue.gif

Posted by: ComeOn225 23 Jan 2010, 19:33

QUOTE (Wi-Ta @ 23 Jan 2010, 7:33) *
Don't worry
Moderator ph34r.gif S.W.A.T is on alert. tongue.gif

Good. I feel safe. aw.gif
(And, yeah, luuckyboy sent me 2 too. Too bad (for him) I use Chrome.) tongue.gif

Posted by: Pandut 23 Jan 2010, 21:41

QUOTE (E.V.E. @ 23 Jan 2010, 13:28) *
I'd rather say Troll alarm.

- E.V.E.

Not troll. Just bored >>

But yeah, go for the e-mail approval thingy, save the forum from spam-bots before it's too late!

Posted by: D' WRTHBRNGR 24 Jan 2010, 10:08

QUOTE (Wi-Ta @ 23 Jan 2010, 19:33) *
Don't worry
Moderator ph34r.gif S.W.A.T is on alert. tongue.gif


Well we have to dispose of 'em with:



tongue.gif

Anyway, with e-mail approval, I'm afraid that it might be breached if the programmer who created the bots made an e-mail address for the bots to use (I hope not). Following http://forums.swr-productions.com/index.php?showtopic=1460, it seems that it led to a wave of bot spam attacks (coincidence?).

Posted by: Raven 24 Jan 2010, 13:37

EMP the damn to submission :xD

Posted by: ComeOn225 24 Jan 2010, 15:00

That'll just make our motherboards sizzle.
Also, is it possible to make the sender type in a set of random letters just to send the message? Like the ones used in online shopping sites? It may remove those pesky messages.

Posted by: Alias 24 Jan 2010, 15:02

A lot of good bots can bypass CAPTCHAs.

Posted by: D' WRTHBRNGR 24 Jan 2010, 18:44

http://en.wikipedia.org/wiki/CAPTCHA#Circumvention on the Achilles' heels of CAPTCHAs

I'm sure hackers and evil programmers out there will keep on making better spambots to breach more and more secure systems, like breaking Enigma Machine codes or superpowers having an arms race. Unless this has been resolved, a large part of banned members here would be bots tongue.gif .

As the Hacker says in Gens, "There's always a way in..."

Posted by: KamuiK 24 Jan 2010, 19:58

Yep, always. There is a Russian prog one could buy which can bypass almost any captcha code.

Posted by: Generalcamo 24 Jan 2010, 22:12

I remember when I had a virus. It is still floating around. It is called AVR, or the Advanced Virus Remover scam: a virus that tells you that ALL Windows programs are a trojan. They tell you to buy it, then when you buy it, they tell you to buy the advanced version. It is from Russia. Had to reformat my whole computer. PLEASE be careful.

Posted by: Zhao 25 Jan 2010, 17:27

If I was careful I wouldn't have to create a new network every 1 - 6 months I8.gif

Posted by: Raven 26 Jan 2010, 8:43

Or perhaps we can use image-based CAPTCHAs like the ones used by Rapidshare briefly... True, it's difficult to understand the picture, but if only a few users are affected daily, perhaps that's a better option smile.gif

OR

A small questionnaire about SWR projects to make sure the registering person is genuinely interested about the forums.

Posted by: D' WRTHBRNGR 26 Jan 2010, 9:41

QUOTE (Raven @ 26 Jan 2010, 12:43) *
A small questionnaire about SWR projects to make sure the registering person is genuinely interested about the forums.


Sounds good, but they could be bypassed by bots by making pre-programmed answers, i.e. theoretically, a human user would first answer the possible questions or browse around the forums as an unregistered guest, and once he/she knows them, those "answers" would then be programmed for the bots to use. A randomized set of questions about the team and its projects should also improve the system and make things pretty tough for bots.

Posted by: Alias 26 Jan 2010, 9:45

The questionnaire is a stupid idea. What about someone who wants to join to actually find out about the mods to begin with?

Just as you would not know as much about SWR's history as I do, a new user would typically not know as much as you. The questionnaire is a flawed concept.

Posted by: Yami 26 Jan 2010, 15:14

QUOTE (Raven @ 26 Jan 2010, 6:43) *
Or perhaps we can use image-based CAPTCHAs like the ones used by Rapidshare briefly... True, it's difficult to understand the picture, but if only a few users are affected daily, perhaps that's a better option smile.gif

I'm for that !

Posted by: n5p29 26 Jan 2010, 15:40

How about asking new users to type a special word? Like "Shockwavemod", or "RussiaECA". This never changes, so if someone types anything other than that, it's a bot.

Example question on user registration (the underscores are the text box):

CODE
Type "RussiaECA" (without quote marks) if you are not a bot:  [_____________________________________________]

It should be typed:
CODE
Type "RussiaECA" (without quote marks) if you are not a bot:  [_RussiaECA___________________________________]

Will that work?

Posted by: Alias 26 Jan 2010, 15:44

A bot can just read that. If they can decode CAPTCHAs there's no doubting they can read a simple string of text.

Posted by: Wi-Ta 26 Jan 2010, 15:46

I found this

CODE
.nosee { display:none; }

<p class="nosee">
  <label for="email">Your e-mail is not requested; please enter NOTHING here either:</label>
  <input id="email" name="email" size="60" value="" />
</p>

<?php
  if(isset($_POST['email']) && $_POST['email']) {
    # do not store the entry; show a suspected-spam notice instead
  }
?>


This only works if hidden in CSS.

http://1ngo.de/web/captcha-spam.html

Posted by: n5p29 26 Jan 2010, 15:52

QUOTE
A bot can just read that. If they can decode CAPTCHAs there's no doubting they can read a simple string of text.


Then how about if the word is located somewhere else? Like "Type the SWR Productions motto"?

Posted by: Yami 26 Jan 2010, 15:53

Let's face it, the bots are becoming more and more smart ... and eeeeeevil xD

Posted by: Wi-Ta 26 Jan 2010, 15:55

BTW
I just saw we already have CAPTCHA running

Posted by: Pickysaurus 26 Jan 2010, 16:08

QUOTE (Wi-Ta @ 26 Jan 2010, 12:46) *
I found this
CODE
.nosee { display:none; }

<p class="nosee">
   <label for="email">Your e-mail is not requested; please enter NOTHING here either:</label>
   <input id="email" name="email" size="60" value="" />
</p>

<?php
   if(isset($_POST['email']) && $_POST['email']) {
     # do not store the entry; show a suspected-spam notice instead
   }
?>


This only works if hidden in CSS.

http://1ngo.de/web/captcha-spam.html


What does the code do? (I don't speak German)

Posted by: Wi-Ta 26 Jan 2010, 16:19

You have a hidden form that asks for a mail address.
The normal user will not see this but the bot will fill it in (as far as I understood).
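
The hidden-field check described in this post, written out as an added example; it is not part of the original thread or the linked page. It reuses the `email` decoy name from the snippet above, while `HONEYPOT_FIELD`, `classify_submission()` and the sample submissions are hypothetical names and constructed data.

```php
<?php
// Added example: server-side handling of a CSS-hidden decoy ("honeypot") field.
// HONEYPOT_FIELD and classify_submission() are hypothetical names.

const HONEYPOT_FIELD = 'email'; // decoy input, hidden from people with CSS

/**
 * Classify a submitted form as 'human', 'bot' or 'malformed'.
 * $post is the decoded form body, e.g. $_POST.
 */
function classify_submission(array $post): string
{
    // A browser that rendered the form always submits the hidden text
    // input, even when it is empty. A missing key means the request
    // was assembled without the form.
    if (!array_key_exists(HONEYPOT_FIELD, $post)) {
        return 'malformed';
    }

    $value = $post[HONEYPOT_FIELD];

    // "email[]=x" is decoded by PHP as an array; a text input never is.
    if (!is_string($value)) {
        return 'bot';
    }

    // Any non-whitespace content means something filled in a field
    // that no person could see.
    return trim($value) === '' ? 'human' : 'bot';
}

// Constructed sample submissions (not real traffic).
$samples = [
    'person'      => ['username' => 'newmember', 'email' => ''],
    'form filler' => ['username' => 'bot1', 'email' => 'a@example.com'],
    'whitespace'  => ['username' => 'newmember2', 'email' => "  \t"],
    'array value' => ['username' => 'bot2', 'email' => ['a']],
    'hand-built'  => ['username' => 'bot3'],
];

foreach ($samples as $label => $post) {
    printf("%-12s => %s\n", $label, classify_submission($post));
}
```

A registration form that collects a real address needs a different name for the genuine field. Autofill tools may populate a decoy called `email`, so a hit is better routed to the existing admin approval queue than rejected silently.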

Posted by: KamuiK 26 Jan 2010, 22:40

That would be handy, maybe, but what if the bot can decode/read it?

Posted by: JRK 26 Jan 2010, 23:35

How much security do you want? I think image-based CAPTCHA will thwart most of the bots. Those that DO get through can be disposed of easily anyway.

Posted by: D' WRTHBRNGR 27 Jan 2010, 4:05

Sounds good, but like a text captcha, it can be decoded by bots by recognition, although it may be hard for them. Through the use of audio support to help the user read the words in the captcha (e.g. uppercase: A; lowercase d; space; uppercase F...), could it be used by bots to exploit it and use it to their advantage?

Posted by: Alias 27 Jan 2010, 4:39

I think Wi-ta's form is the best thus far, as it completely discriminates between a bot and the user so there is practically no chance for an authentic user to be denied, even though some bots may still come through.

Posted by: Raven 27 Jan 2010, 18:23

My question is: do these bots target the SWR site deliberately, or is it just a small part of a larger attack against forums using the specific forum software? If it is a specific case, a questionnaire is not a good solution... but if it is not, then the questionnaire might be a good idea. Wi-Ta's suggestion is also good IMO.

Posted by: Pickysaurus 27 Jan 2010, 18:49

I don't think there's anything personal against SWR - just some bastards that think they gain something by filling the internet forums with spam

Posted by: D' WRTHBRNGR 29 Jan 2010, 3:45

Or they feel good and find it fun, like "Boom! Hahaha, you've been rickrolled, sucka'!" when they're wreaking havoc.
If possible and practical, why not use both security features?
