• New Horizons on Maelstrom
    Maelstrom New Horizons


    Visit our website www.piratehorizons.com to quickly find download links for the newest versions of our New Horizons mods Beyond New Horizons and Maelstrom New Horizons!

Hacked automated response emails?

G

Groggsy

Landlubber
This is the automated response email I got this morning (below) meant to be from one of the threads I was watching. As you can see its not the normal format.
Has anyone else recieved this or similar and have they found out what happens when you click the link? Personally I woul advise against clicking them!!!
But i just thought I should let others know all the same.



Hello,

You are receiving this email because you are watching the topic, "Tool for making characters and converting VRML files to gm" at come play security with us #StOORm irc.gigachat.net. This topic has received a reply since your last visit. You can use the following link to view the replies made, no more notifications will be sent until you visit the topic.

<a href="http://Pirates" target="_blank">http://Pirates</a> ??? u were Hacked Fuack3d by StOORm/viewtopic.php?p=98768#98768

If you no longer wish to watch this topic you can either click the "Stop watching this topic link" found at the bottom of the topic above, or by clicking the following link:

<a href="http://Pirates" target="_blank">http://Pirates</a> ??? u were Hacked Fuack3d by StOORm/viewtopic.php?t=3310&unwatch=topic

--
Thanks, The Management
 
I didn't get a mesage like that but sometimes you get mesages if there's a new message(in your topic) for you but i don't know what this means.
_ <img src="http://www.piratesahoy.com/forum/style_emoticons/<#EMO_DIR#>/huhh.gif" style="vertical-align:middle" emoid=":eek:k" border="0" alt="huhh.gif" /> ________________
 
Per Burning Brig thread, the website was hacked, and one of the hacks was changing all URLs that had piratesahoy in them to `pirates-hacked`-`by-whatever`, and pirates ahoy! to "come play security with us #StOORm irc.gigachat.net" or whatever

So the email is normal, it's just certain phrases, since the Evil Dude did a global `search-replace`, have hacked phrases in them.
 
hah, they hacked the automated response....

I never thought of checking that. Ill fix it up the hole in the board has been fixed so there will not be any more unfortunate situations
 
Ok its an sql injection. ( i think thatks the name for it) i think it is fixed now, ill have a quick test. I tink they changed the site title in the sql saetting so anyting that injected {sitename} would give the l33t haxor thing in
 
You must log in or register to reply here.
Back
Top