Jump to content

Potential Security Threat - www.spamcop.net


daky

Recommended Posts

I haven't used SpamCop regularly in some time however today I received a password reset from spamcop.net. Not sure if this is a wide spread attack against SpamCop or not but someone requested a new password for my http://www.spamcop.net account this afternoon and wanted to report it incase it is not an isolated incident.

Thanks.

Alex

Link to comment
Share on other sites

I haven't used SpamCop regularly in some time however today I received a password reset from spamcop.net. Not sure if this is a wide spread attack against SpamCop or not but someone requested a new password for my http://www.spamcop.net account this afternoon and wanted to report it incase it is not an isolated incident.

Thanks.

Alex

Me too the same message.

Thanks

amanzoor

Link to comment
Share on other sites

Fairly sure David is right. Moving to the "Reporting" forum, re-direct in place just in case we are wrong. Thanks for the heads up Alex & amanzoor.

The worrying thing is someone would need to know your SpamCop username (login name, not full name/alias) in order to trigger the password change auto response. Hopefully SpamCop staff can see what is going on, if this is happening in bulk.

Assume you can still access your reporting accounts?

Link to comment
Share on other sites

I received the same message yesterday (for a different email address than the one I'm using on this forum, for security's sake), and like the original poster I haven't used my spamcop account in quite a while. Just thought it would be worth letting people know this is happening to more than one person. Possibly a bit too paranoid, but I don't really want to log in, in case someone is already in my account. Edited message pasted below to make sure it's genuine:

Someone (probably you) has requested that SpamCop reset your password.

Your username is: xxx[at]xxx.xxx

Your password has been reset to: xxx

Passwords are cAse sENsiTive and may contain lookalike digits such as, "one"

and "ell" or "Oh" and "zero." Our system will allow you to paste in your

password if your browser will. After you log in, you can use the "Preferences"

link at the top of the page to change your password.

Link to comment
Share on other sites

OK, we'd best leave it to SC staff to take over from here, only they have the access to reporter accounts and ability to authenticate/intervene.

Any other members receiving mysterious resets of their reporting account passwords are invited to add their "me to"s in the event that will assist the staff in any subsequent private contact (e-mail) they may wish to make. Feel free also to contact them direct - Service[at]Admin.SpamCop.net would be a good place to start.

PM sent to iainjenkins.

Link to comment
Share on other sites

Advised by SpamCop Administrator

A couple of our processes were attacked by scripts, Our logs

show this was a dictionary attack, not any sort of orchestrated attack

that suggested any type of security breech.

We continue to investigate but at this point we're not sure what the

purpose of the attack was other than to be an annoyance. We will let

users know if we find anything different.

At this point we have suspended a couple of our forms while our

developers work to secure them from this type of attack.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

Accordingly, it seems those affected can safely use their replacement passwords to access their reporting accounts.

Link to comment
Share on other sites

A couple of our processes were attacked by scripts, Our logs

show this was a dictionary attack, not any sort of orchestrated attack

that suggested any type of security breech.

We continue to investigate but at this point we're not sure what the

purpose of the attack was other than to be an annoyance. We will let

users know if we find anything different.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

Link to comment
Share on other sites

  • 2 weeks later...

Advised by Don -

The pages that were attacked by scripts and had to be taken down, such as the password reset page, have been fixed and put back in operation.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

Link to comment
Share on other sites

  • 2 weeks later...

Recently recieved an email out of the blue stating my password had been reset.

I immediately went into SC account annd changed the password, thinking I might be bright using a new strong password, and not recording it anywhere.

Now I cannot recall it and not recieving password reset email from spamcop.

Need another solution, or the account checked over, wondering if "they" managed to send a password reset email intercept somehow, and changed my account email.

Assistance would be appreciated

Link to comment
Share on other sites

Hi, minionsweb,

...Sorry to hear of your problem. My recommendation would be to click the link labeled "I forgot my Password / can't login / other account problems" in the SpamCop FAQ.

Edit by Steve T: Revoking my advice based on DT's suggestion 88932[/snapback] (linear post 14) supported by Farelf's action 88934[/snapback] (linear post 15).

Link to comment
Share on other sites

We were recently attacked by someone using scripts to randomly change passwords. Your account has not been hacked.

If you will send me your login email address, I will manually change your password.

Send the info to me via EMAIL. Service[at]Admin.SpamCop.net

Do NOT post the info here.

- Don D'Minion - SpamCop Admin -

- Service[at]Admin.SpamCop.net -

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...