someone on boards has hacked my e-mail

shinzon · 28-06-2003 2:05pm #1

3 mails with the subject heading "HELLO" have been sent out from my e-mail address, i have a full record of what was sent to the e-mail addresses involved, none of them cotained "HELLO" as a subject heading, I can only assume that because of my recent rant against Dannger someone on boards has decided to **** around a little bit, if I find out who it is i will be contacting the gardai.

I take this **** acting around as going way over the top, but rest assured is this does not stop I will call the authorities on who ever is doing it.

The reason im saying someone on boards did it is because there was e-mail addies posted in one of the threads that just happen to be the 2 of the e-mails that had viruses on them

Im putting this up as a warning to whoever is doing this stop and stop now, what your doing is internet crime plain and simple, im fully protected now so you wont get in, but you have my e-mail address so if i get anymore virus notices from postmasters etc, i will sendall data to the gardai and let them deal with it.

Regards

Shin

tomED · 28-06-2003 2:11pm

I also noticed a hack attack on my webserver coming from this board - but luckily enough the server was protected properly.

Its a bit sad that people on this board would lower themselves to that level just because someone has a different opinion than them.

ecksor · 28-06-2003 3:15pm

The 'hack attack' forum is for discussion about developing software for boards.ie

E-mail is very easily forgeable. And it may have nothing to do with boards. In fact, it probably doesn't, it is typical virus behaviour after all. Perhaps addresses were harvested from boards, but anyone can do that. Going to the Gardai with this would be a waste of garda time in my opinion.

PiE · 28-06-2003 3:29pm

...and quite sad.

You got a few virus emails... so what? You should've scanned them with an AV in the first place.

I get them everyday on one of my spam accounts, I think I'll sue boards.

Col_Loki · 28-06-2003 4:01pm

Hey its far more lightly that a virus has just sent a couple of e-mails from your account or...

Some one is just mimicing your address, ie they dont really have access to your e-mail but the people who recieve the e-mail think its you who is sending them.

In fairness who would be bothered hacking into your e-mail (timewasting) over a little dispute. Even if they did just change your password and get on with it.

Boston · 28-06-2003 4:01pm

Its quiet easy to fake email address, i used to do it for kicks when i was 12, and then use a remailer program. By saying someone from boards, it implies that its the responsiblity of the admins, it aint. By saying you will contact the gradi your presuming that there is a law against this sort of thing. Also i do believe the term used is not hacked, but is cracked.

Bard · 28-06-2003 4:16pm

Boston hacked your email!

IS NOTHING SACRED?!

I'm hung over.

IS NOTHING SACRED?!

hmm... I'll get me coat.

Col_Loki · 28-06-2003 5:40pm

Imagine going to the local police station and them some villan hacked into your e-mail and send mails saying "HELLO" ......
WOW they'd really take that one seriously , like i mean what could be next "GOODBYE" mabye??? The mind boggels !!

PS i mean Cracked your e-mail

bubbles · 28-06-2003 5:42pm

muppets

shinzon · 28-06-2003 5:47pm

i have now gotten the ip address of the person who has been using my e-mail account to send out the virus e-mail, only a matter of time before he tried it on again, you know who you are, this is your last warning STOP now or you will be in trouble

Regards

Shin

sceptre · 28-06-2003 5:50pm

Originally posted by shinzon
3 mails with the subject heading "HELLO" have been sent out from my e-mail address, i have a full record of what was sent to the e-mail addresses involved, none of them cotained "HELLO" as a subject heading, I can only assume that because of my recent rant against Dannger someone on boards has decided to **** around a little bit, if I find out who it is i will be contacting the gardai.

TBH, I doubt anyone was all that pushed in a negative way about your rant against Dangger. "Rant" is a bit strong. You had a point of view, you expressed it, nothing wrong with that, that's all. Dahamsta has been quite critical of a few things from time to time and hasn't reported anyone out to get him (except maybe for Mike Fagan and/or anyone Adam has said un-nice things about but that's for completely different reasons:D)

I take this **** acting around as going way over the top, but rest assured is this does not stop I will call the authorities on who ever is doing it.

The reason im saying someone on boards did it is because there was e-mail addies posted in one of the threads that just happen to be the 2 of the e-mails that had viruses on them

See below for getting the IP address from the mails. I get viruses sent to my address(es) on a regular basis. There's no way I connect that with anyone out to get me - with all those Outlook viruses going around at the moment (and people (unfortunately obviously including people I've given my mail address to) not bothering to update their virus checker, if they even have one) it's easy to get a virus sent to you without a bogeyman on your ass.

In other words, get the damn IP address, then come back and say "perhaps someone on boards did it" if you know beyond a doubt that it isn't you. With the IP address you can trace it to an ISP, then you can get the ISP to take it from there and identify a person.

There have been a few reports on the Open mailing list of faked returned addresses causing problems for people (one person has had a great deal of trouble with it). I've probably had a few bounced mails from mails I didn't actually send over the years, though it's never been a big problem. If a spam sender decides to use your mail address as a return address you'll hit big problems. Like Boston said, it's remarkably easy to do, even in a secure environment (I can remember being able to do it supposedly from MS Exchange clients in UL a few years ago (at the time to prove to the sysadmins that their system was full of security holes)). My money's on your having pocked up a virus though.

Im putting this up as a warning to whoever is doing this stop and stop now, what your doing is internet crime plain and simple, im fully protected now so you wont get in, but you have my e-mail address so if i get anymore virus notices from postmasters etc, i will sendall data to the gardai and let them deal with it.

Have you run an updated virus checker on your machine recently?
If the messages you got back contained full headers you should be able to work out where the messages were sent from using the IP address (which will help you to work out whether they came from your machine). If you didn't get back full headers, send the postmasters a note asking them if they'll send them to you. If someone else did send a mail with your address as the return address (which has nothing whatever to do with "hacking your account" btw, this will also provide you with some info on them.

I'd be amazingly surprised if someone went to the bother of doing either of those things to be honest. No-one actually cares that much.

Who is your email provider btw? I'm not searching through a wad of posts to find out (though it's unlikely to be relevant anyway).

Seriously though, you're jumping to conclusions and looking silly. Get the IP addresses, check them, then fling accusations around like confetti if you really feel the need. The world is not out to get you. It's pretty likely that no-one in the world is out to get you.

(edited - forgot to put quote tags around part of it)

Slydice · 29-06-2003 9:16am

Originally posted by shinzon
i have now gotten the ip address of the person who has been using my e-mail account

Was it 127.0.0.1 by any chance?

dod · 29-06-2003 12:02pm

lol slydice

shinzon · 29-06-2003 12:32pm

Originally posted by Slydice
Was it 127.0.0.1 by any chance?

ha ha about as entertaining as watching your mother giving birth to the piglet that you are

Shin

DeVore · 29-06-2003 12:35pm

OMG! SOME1 HACKED MEH GIBS0N!

lol tbh k thx bye.

DeV.

Boston · 29-06-2003 2:35pm

Originally posted by DeVore
OMG! SOME1 HACKED MEH GIBS0N!

lol tbh k thx bye.

DeV.

I knew it was you O_o

po0k · 29-06-2003 5:27pm

Originally posted by shinzon
i have now gotten the ip address of the person who has been using my e-mail account to send out the virus e-mail, only a matter of time before he tried it on again, you know who you are, this is your last warning STOP now or you will be in trouble

Regards

Shin

rofflemayo

Cop yourself on, you're over reacting.
Bloody prima-donnas :rolleyes:

^CwAzY^ · 29-06-2003 5:45pm

Originally posted by shinzon
i will sendall data to the gardai and let them deal with it.

The Gardai will laugh at you, like Im doing now
Did you perhaps wander off the set of the movie 'hackers' ?

tomED · 29-06-2003 7:28pm

Jus to cut in....

Funny and all that it is that his "email" was hacked as he has put it... The thing I'd be most worried about is the fact that someone would go to these lengths just because they disagree with something someone said.

Some poor sad "script kiddie" (thats all I could class them as, because whoever it was wasn't an expert) tried numerous well known vunerability attacks on my web server, obviuosly with some malicious intent in mind.

If I found out who it was I would report them - only as a way of getting them back for being stupid enough to mess with my site.

I dont mind someone tryin to hack my site to let me know I have problems with security or tryin to hack my site to see if they can get in. But if its someone with malicious intent, to do damage just because i disagreed with them, i have a problem with that... Does noone else feel the same?

ecksor · 29-06-2003 7:32pm

Much the same arguments that apply to shinzon apply to you too tomED. What evidence do you have that it was anything to do with boards or anything you posted here? Or indeed, that it was targeted against you specifically?

That's the point here, you're both jumping to conclusions but you don't seem to have any evidence.

Boston · 29-06-2003 7:41pm

I personally think that if boards.ie was in the bussiness of hacking people, they would be quiet good at it and detroy and email address web server...ect they came up against, i imagine what i could do with my limited (extremely limited) knowledge on the subject, and then you have the likes of rigi and ecksor who actually know afew things, do you really think these people can be arsed in attacking you, and if they where that they would leave anything to trace them

BoobeR · 29-06-2003 7:41pm

MY GIBSON WAS HAXORED, im scared

im telling my mommy on you!!!

ecksor · 29-06-2003 7:43pm

I don't think anyone is accusing the boards team of doing anything, just linking these attacks to threads/flamewars on boards.

tomED · 29-06-2003 7:47pm

Originally posted by ecksor
Much the same arguments that apply to shinzon apply to you too tomED. What evidence do you have that it was anything to do with boards or anything you posted here? Or indeed, that it was targeted against you specifically?

That's the point here, you're both jumping to conclusions but you don't seem to have any evidence.

Sorry eksor - my original post is a bit misleading.

When I said "coming from this board" I basically meant that someone that came from a post on this board. A post in which some people weren't happy with what I was saying.

The evidence I have that it was someone that visited these boards are in my server logs

What more evidence do I need? When I can tell the exact url the attack came from, the IP address which is irish based and the fact that it came from a post which got pretty heated - I draw my conclusions on that.

Im not blaming boards.ie at all! Im just saying that I know it was someone that came here - and - i was only saying that I don't think its right and posing the question to everyone else....

Dooom · 29-06-2003 7:56pm

er....i got one of those emails...the subject line was "Hello!" and
there wasnt any text, just something about mackafee virus thingy. the attachment was "813712-GamesTheScreenTurnsBlack.htm.exe". wackish. and me and shin had exchanged emails previously about memory or something.
however -
i also got an email from gamespy (ive subscribed to their newsletter) and the subject line was normal (something like new nwn pc expansion review....etc) yet this is what was in it:

<HTML=3E<!--

This is the GameSpy Daily for 6/18/03!

Is this email messed up=3F Are you getting a bunch of garbledegook below ins=
tead of pictures, links, and news=3F No problem=2E

and the attachment in this email was - "813712-GamesTheScreenTurnsBlack.htm.scr".
more wackish. so mayb there is some truth....
but in all fairness "im gonna take you to teh grads!" (or whatever) is just plain laughable

/edit: heh .sexe. hee hee

ecksor · 29-06-2003 7:57pm

Originally posted by tomED
When I said "coming from this board" I basically meant that someone that came from a post on this board. A post in which some people weren't happy with what I was saying.

The evidence I have that it was someone that visited these boards are in my server logs

Referrer logs? Those aren't proof of anything (also easily fakeable) although I'll admit that it's a strong indication.

Feel free to send me such logs via private message or e-mail btw. I won't reveal to you who it was, but it's no harm for us to have an idea of who's acting the muppet.

shinzon · 29-06-2003 9:28pm

Originally posted by Aragorn
er....i got one of those emails...the subject line was "Hello!" and
there wasnt any text, just something about mackafee virus thingy. the attachment was "813712-GamesTheScreenTurnsBlack.htm.exe". wackish. and me and shin had exchanged emails previously about memory or something.
however -
i also got an email from gamespy (ive subscribed to their newsletter) and the subject line was normal (something like new nwn pc expansion review....etc) yet this is what was in it:

<HTML=3E<!--

This is the GameSpy Daily for 6/18/03!

Is this email messed up=3F Are you getting a bunch of garbledegook below ins=
tead of pictures, links, and news=3F No problem=2E

and the attachment in this email was - "813712-GamesTheScreenTurnsBlack.htm.scr".
more wackish. so mayb there is some truth....
but in all fairness "im gonna take you to teh grads!" (or whatever) is just plain laughable

/edit: heh .sexe. hee hee

Yeah thats exactly it aragorn, did you know that e-mail contains the wbugbearb virus, id advise you to goto the symantec site and download the wbugbear.b virus cleaner immediately, run that in safe mode and tell everyone in your address book to do the same, as the virus is sent out to everyone in there

Shin

You see someone is hacking my e-mail to send out that bloody virus ****ING BASTARD i have your ip remeber so stop it now, not you aragorn by the way just in case you think im saying that to you

eth0_ · 29-06-2003 9:40pm

Oh goodness this thread is pretty ROTFLOL inducing! heheh!

ecksor · 29-06-2003 9:43pm

Originally posted by shinzon
You see someone is hacking my e-mail to send out that bloody virus ****ING BASTARD i have your ip remeber so stop it now, not you aragorn by the way just in case you think im saying that to you

Please get a clue.

DeVore · 29-06-2003 10:26pm

Let me make this perfectly clear:

Shinzon you have the technical expertise of a debilitated yogurt. Not one of those natural yogurts that have "good bacteria" in them either. Oh no...
one of those foul Yoplait chocolate yogurts that leaves a nasty bitter aftertaste.

Please get a clue or read up about mail protocols and virus vectors before exploding in rage at some leet-haxor who is out to attack you personally because you are the only one who is standing up and telling the truth.

Noone need go NEAR your account/server to send a mail that purports to be you. Mail is about the least secure transport EVAR.

Why am I reminded of OJ Simpson or Metalica/Napster all of a sudden.

k thx bye.

DeV.

Boston · 29-06-2003 10:37pm

I can't remember if it was this forum or another, but a version of ubb, when hacked to use pm, used to send an email to the person recieving the pm as if it was from their email account, thats how easy it is. right click on the email in question, click properties then details, the check out the mail server it came from using whois, you will soon learn that its probably not even irish and most definitly a remailer server. how this has anything to do with boards i don't know exactly.

ecksor: i took up tomED original post the wrong way.

DeVore: i hate those yogurts, they look nice, but aint, you should try yop by yoplait, passion fruit one is nice

Ruu_Old · 29-06-2003 11:37pm

i got a similar virus today kevin9.zip or something and it contained a .scr file which was the Bugbear virus. I had my viruscan pick it up right away of course.

I am teh plageu

Asok · 30-06-2003 12:12am

I know who it was here is a garda composite of the suspects

amp · 30-06-2003 12:28am

Yeah, probably hacked their way in through Shinzons pci bus.

DeVore · 30-06-2003 12:46am

I have a PCI taxi.

DeV.

Ronan|Raven · 30-06-2003 12:46am

I hate to disapoint you shinzon but bugbearb is as rampant at the moment as The Clap is with the population of Ireland. Did it ever occur to you someone who may have had yer email address in their address book contracted bugbearb and as a result of it , it likes to send itself to others and infect them... And then from you to them and so on and so forth. Bugbeabr is as common as ****. Dont feel special in having recieved it.

http://securityresponse.symantec.com/avcenter/venc/data/w32.bugbear.b@mm.removal.tool.html

50Cent · 30-06-2003 1:31am

Shinzon your an idiot. An absolute idiot. That virus is so common. Your completely overreacting.

Stephen · 30-06-2003 1:59am

Tellox · 30-06-2003 2:12am

Im so terribly bored..

tomED · 30-06-2003 8:39am

Originally posted by ecksor
Referrer logs? Those aren't proof of anything (also easily fakeable) although I'll admit that it's a strong indication.

Feel free to send me such logs via private message or e-mail btw. I won't reveal to you who it was, but it's no harm for us to have an idea of who's acting the muppet.

Eksor - the referrer logs are enough proof for me at the moment that someone was playing around. As I said it was some "script kiddie" that either used a desktop application, like a scanning tool / security auditing software tool or some script from the web.

The logs show that whoeever it was tested for some VERY old iis vunerabilities (which i found cute) such as the webhits.dll vunerability. They also checked for some more up to date ones - like formmail. They tried pathing to formmail script like so "http://www.2bscene.net/cgi-bin/formmail.cgi", then they tried ".pl". My structure isnt like this - even though I have updated my script.

I actually feel stoopid now for not reading the initial post by shin, I just dived in - i guess i give people on this board too much respect

.

I can send you the ip address of this person and the actions he took - I'd feel bad though, after he/she tried all these attacks, he then bookmarked my site!!!!!

So although I'm not happy someone tried to hack my site - i did find this guy kinda funny.........

The Muppet · 30-06-2003 9:46am

RE 50cent

Shinzon your an idiot. An absolute idiot. That virus is so common. Your completely overreacting.

Nasty Echo in here can something be done about the acoustics.

shinzon · 30-06-2003 11:06am

Lock this thread its run its course, ive lost all desire to interact on it anymore, and I think tellox should be banned for a reasonable amount of time for puttting up a screenshot like that, but he wont so thats all i gotta say about that

i have the ip thats enough for me

Shin

DeVore · 30-06-2003 11:17am

You got a common virus. That ip most likely leads to a completely innocent person who was also virused, but hey, good luck with your OJ-like hunt for the true perp.

DeV.

someone on boards has hacked my e-mail

Comments