• Guys, we've spent considerable money converting the Les Paul Forum to this new XenForo platform, and we have ongoing monthly operating expenses. THE "DONATIONS" TAB IS NOW WORKING, AND WE WOULD APPRECIATE ANY DONATIONS YOU CAN MAKE TO KEEP THE LES PAUL FORUM GOING! Thank you!

Low post counts and embedded links?

sonar

sonar

New member
Joined
Jan 10, 2003
Messages
3,589
What's up with this?

At first it was a single post count user asking a general question with an embedded link or links. Now the member signup might be a couple months old with a few posts, and doing the same thing.

Is this a hack or am I missing something?
 
Tom Wittrock

Tom Wittrock

Les Paul Forum Co-Owner
Joined
Aug 2, 2001
Messages
42,567
It worries me too, and I hope the Moderators take notice.

And don't forget, there's always the "report post" button [below the avatar on each post].
 
sonar

sonar

New member
Joined
Jan 10, 2003
Messages
3,589
Tom Wittrock said:
It worries me too, and I hope the Moderators take notice.

And don't forget, there's always the "report post" button [below the avatar on each post].
Click to expand...

I've used it twice.

It's a shame that suspicion is now part of the scenario. Countless times I've mentioned here and on other sites the wealth of guitar information on the LPF. Far from the biggest, but bit for bit one of the best places for guitar knowledge.
 
Tom Wittrock

Tom Wittrock

Les Paul Forum Co-Owner
Joined
Aug 2, 2001
Messages
42,567
sonar said:
I've used it twice.

It's a shame that suspicion is now part of the scenario. Countless times I've mentioned here and on other sites the wealth of guitar information on the LPF. Far from the biggest, but bit for bit one of the best places for guitar knowledge.
Click to expand...

If you can get past the curmudgeons! :##
 
B

BLuesGuitarMart

New member
Joined
May 11, 2016
Messages
22
I've reported a few users when I've seen it and mods have always been quick to act. Tends to be somebody will quote somebody else's post and change it a bit to contain a link, or what I saw before was it copied another post further up the thread but I guess ran it though some kind of thesaurus type software because it was like a badly translated version of the previous post. Was very weird, but it also contained a link.
 
sonar

sonar

New member
Joined
Jan 10, 2003
Messages
3,589
Happened again with the, "Why are vintage guitars considered to sound better than modern ones?" in the Vintage section. From the start I had a bad feeling about that thread.

This time a single post user started a thread, waited for some traction, then edited his OP with a link. Obviously, I reported it.

What's the endgame with these attempted hacks?
 
Tom Wittrock

Tom Wittrock

Les Paul Forum Co-Owner
Joined
Aug 2, 2001
Messages
42,567
sonar said:
Happened again with the, "Why are vintage guitars considered to sound better than modern ones?" in the Vintage section. From the start I had a bad feeling about that thread.

This time a single post user started a thread, waited for some traction, then edited his OP with a link. Obviously, I reported it.

What's the endgame with these attempted hacks?
Click to expand...

He started another thread [post #2] before he edited that post. He has not responded in that second thread.
A Mod edited the spam link.

Still, it all seems suspicious. :wah
 
sonar

sonar

New member
Joined
Jan 10, 2003
Messages
3,589
I posted this in the best concert thread, but it belongs here:


There is a "zero day" vulnerability with VB reported last month, although researchers claim the vulnerability is at least three years old. Pretty nasty bug that can take over servers that host. My guess is for a future DDoS attack.

There is a patch for the software, but that isn't going to stop single post users and their links.
 
marshall1987

marshall1987

Well-known member
Joined
Jan 30, 2005
Messages
3,278
Sonar...help me understand this problem..

if I understand correctly....there is a vulnerability with Internet forum sites like the LPF where a hacker with a new membership starts a thread intended to sucker the forum community into responding and then baits us into clicking on links that run embedded malicious code? :dang

Is that what this is about? Thanks.
 
sonar

sonar

New member
Joined
Jan 10, 2003
Messages
3,589
marshall1987 said:
Sonar...help me understand this problem..

if I understand correctly....there is a vulnerability with Internet forum sites like the LPF where a hacker with a new membership starts a thread intended to sucker the forum community into responding and then baits us into clicking on links that run embedded malicious code? :dang

Is that what this is about? Thanks.
Click to expand...

That would be my guess.

About a month ago an anonymous source revealed a vulnerability with vBulletin forum software, which the LPF uses. Oddly, the anonymous source could have reported this to the proper authorities and receive a $10,000 bounty, but didn't. He/she/they also published python code that can be used to attack the vulnerability. Again, unusual behavior.

Often these news stories are purposely short on specifics due to copycat practices, and I have no conclusive evidence if the current activity on the LPF is related to the reported vulnerability, but the timing is about right.

I think we can only assume the worst - the links direct to malicious code and everyone from user to administrator on the LPF is potentially at risk. Whatever you do, DON'T CLICK ON THE LINKS.

There is a patch for vBulletin software that addresses the vulnerability, but that doesn't stop new users from signing up and embedding malicious links.

For now the only thing we as forum members can do is watch any single user post that seems suspicious and report it to the mods if any link is put in a post.
 
You must log in or register to reply here.
Top