PDA

View Full Version : Password Brute-Forcing Issue for Stoic accounts?



Shadow of Light Dragon
04-29-2015, 07:52 PM
I was just informed by the Stoic autobot that a Chinese IP attempted to brute force my password here 5 times and failed.

Don't know if that's happening to anyone else, but thought I'd warn people to check their passwords aren't easy guesses for hackers.

victorvusa
04-29-2015, 09:30 PM
I was just informed by the Stoic autobot that a Chinese IP attempted to brute force my password here 5 times and failed.
...

I confirm that the very same thing happened to me today for my Stoic ID. Hate to think somebody(s) is/are skimming the userlist and just scattergunning guesses. Don't forums attempt to detect that behavior nowadays and then dynamically block? What I mean is, yes, it blocked after 5 attempts, but once more than one account name is tried from the same place I'd have thought the server software would start ignoring the IP address outright.

Interesting... this is my first time posting with this account to the Stoic forums, but I see that my profile has had nearly 3 dozen views despite having no profile content of any kind. Related somehow?

Shadow of Light Dragon
04-29-2015, 09:41 PM
I confirm that the very same thing happened to me today for my Stoic ID. Hate to think somebody(s) is/are skimming the userlist and just scattergunning guesses. Don't forums attempt to detect that behavior nowadays and then dynamically block? What I mean is, yes, it blocked after 5 attempts, but once more than one account name is tried from the same place I'd have thought the server software would start ignoring the IP address outright.

This is troubling. :/


Interesting... this is my first time posting with this account to the Stoic forums, but I see that my profile has had nearly 3 dozen views despite having no profile content of any kind. Related somehow?

Maybe. I just checked my own and it's at over 200 views.

Overture
04-29-2015, 11:36 PM
Happened to me as well - IPtrace showed it as originating in Germany.

Aleonymous
04-30-2015, 02:21 AM
Hmmm, this is troubling... :( It didn't happen to me (yet).

Philomelle
04-30-2015, 08:47 AM
Happened to me just now. IP checked in as originating in Beijing, China, which is quite a ways from where I am.

I also checked my profile and it sits at 71 views despite never having been used until now.

I wonder if someone is unnecessarily eager to get their mitts on a backer account.

mucioscevola
05-02-2015, 10:42 AM
109 visits on my profile (and i have never been able to post... lol)

Aleonymous
05-03-2015, 03:42 AM
@mucioscevola - Did you get that email notification about your account-password as well?

mucioscevola
05-03-2015, 08:12 AM
Not really. Just curious about the visits on my profile since my account is barely 1 month old!

Aleonymous
07-11-2015, 03:23 PM
I finally got that email notifications as well:


<tbs-forum@stoicstudio.com>

Dear Aleonymous,

Someone has tried to log into your account on Stoic with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address: 176.10.99.209

All the best,
Stoic

Daetrin
07-19-2015, 10:43 PM
Same here just now, but from IP address 171.25.193.20 for me.

Edit: Also looks like my profile has has 124 visits. Not sure if that's a lot or not, considering this is my first real activity on the site.

Khaerukama'o
07-21-2015, 10:04 AM
Just had that same email today, the IP address trying to access my account was 188.138.17.15, which is apparently from Strasbourg, France...

Erroneus
08-04-2015, 05:13 AM
Same here, IP 93.115.241.2 from China.

Weird. Glad I'm using unique strong passwords.

Fjcx
08-06-2015, 08:02 AM
same here also, IP 185.62.188.14 seems to be Tor exit node.

mistakeagian
08-07-2015, 09:35 PM
I just got this message, too. Is Stoic looking in to this?

Aleonymous
08-08-2015, 04:12 AM
When this was first reported, they said that such attacks are not uncommon (in the internet, generally speaking, I presume) and not to worry about, as long as accounts are not actually breached... I got only one email-notification, so I guess that once the intruder makes his 5 (failed) attempts and is blocked, he doesn't come back, not even through a different IP. So far there hasn't been a report of a breached account but, in any case, I can't say what the intruder intends to do once he makes it inside an account (maybe try to use same credentials to breach an email?).

EDIT -- Looking back at the IP my account got assailed from, it is placed in Switzerland and has an abnormal forum-activity, according to this: https://www.stopforumspam.com/ipcheck/176.10.99.209. The Internet has also blacklisted it across several sites/databases.

RabidChinaGirl
08-19-2015, 12:00 AM
When this was first reported, they said that such attacks are not uncommon (in the internet, generally speaking, I presume) and not to worry about, as long as accounts are not actually breached... I got only one email-notification, so I guess that once the intruder makes his 5 (failed) attempts and is blocked, he doesn't come back, not even through a different IP. So far there hasn't been a report of a breached account but, in any case, I can't say what the intruder intends to do once he makes it inside an account (maybe try to use same credentials to breach an email?).

Hope you're right about this.

Got the same auto alert around 10 minutes ago. Tor IP was: 45.63.13.162

Surtr
08-19-2015, 12:22 PM
Same thing happened to me earlier today. Somebody attempted to brute force my account. Fortunately my password isn't that easy to crack. IP was 37.187.129.166, which points to France, though the perpetrator is probably not actually there.