Go Back   Team-BHP > Around the Corner > Shifting gears


Reply
 
Thread Tools Search this Thread
Old 27th November 2011, 14:25   #31
Newbie
 
Join Date: Aug 2009
Location: Bangalore
Posts: 5
Thanked: 0 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Same here!

Got a mail on login attempt from 46.246.89.162 at 3.26AM
indianmaverick is offline   Reply With Quote
Old 27th November 2011, 14:30   #32
BHPian
 
motorpsycho's Avatar
 
Join Date: Jul 2009
Location: Hubli
Posts: 334
Thanked: 110 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Guys,

Just wondering what browsers are you all using? and have you stored the passwords on the browsers?

I too received the emails for the attempted hack.

2 of the IP's where of Russia and One for Netherlands.
motorpsycho is offline   Reply With Quote
Old 27th November 2011, 14:55   #33
Distinguished - BHPian
 
CrAzY dRiVeR's Avatar
 
Join Date: Jun 2006
Location: Bangalore / TVM
Posts: 8,407
Thanked: 14,160 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Quote:
Originally Posted by tsk1979 View Post
Guys please do not use browser to store your password in unencrypted form. A malicious site can read browser information, esp if your PC is compromised.
As for team BHP password, its easy to make tough passwords to crack.

For example, if you love the song, for whom the bells toll

You can make a password like
4whomTbellsT011

You will remember this password, but its a hard nut to crack by brute force.

If you are using an unfamiliar computer, is https://www.team-bhp.com/forum while logging in instead of http which is prone to man in the middle attack
What about 'keep me signed in till i log out' option? Is it safe to use?

I have used that option to prevent typing the password every time i log into team-bhp.
CrAzY dRiVeR is offline   Reply With Quote
Old 27th November 2011, 15:19   #34
BHPian
 
Join Date: Dec 2007
Location: Bangalore
Posts: 683
Thanked: 235 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

This mail is in my in box
===========================
Dear RajeshK,

Your account on Team-BHP has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

The person trying to log into your account had the following IP address: 110.138.209.11

Don't forget that the password is case sensitive. Forgotten your password? Use the link below:
Team-BHP - Lost Password Recovery Form

All the best,
Team-BHP

==========================

And the IP details are

============================
IP: 110.138.209.11
Decimal: 1854591243
Hostname: 11.subnet110-138-209.speedy.telkom.net.id
ISP: PT TELKOM INDONESIA
Organization: PT TELKOM INDONESIA
Services: Confirmed proxy server
Type: Unknown
Assignment: Static IP
Blacklist:

Geolocation Information
Country: Indonesia
State/Region: Jawa Timur
City: Maesan
Latitude: -7.9667
Longitude: 111.9333
==========================

Last edited by RajeshK : 27th November 2011 at 15:22. Reason: Adding the IP details
RajeshK is offline   Reply With Quote
Old 27th November 2011, 16:39   #35
GTO
Team-BHP Support
 
GTO's Avatar
 
Join Date: Feb 2004
Location: Bombay
Posts: 46,512
Thanked: 80,158 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Guys,

Don't worry. Neither has Team-BHP been hacked, nor have any of your passwords been compromised (server end).

This is basically an automated bot trying to gain access to your profile, similar to how they try & gain access to your gmail / hotmail account. The purpose is simple : (Presumably) to post marketing & spam links on the forum.

That said, please ensure:

- That you choose a strong password. Ideally, it would have a mix of CAPS / Non-cap alphabets, special characters (*&*&"&""$) and numbers. Keep it atleast 15 - 18 characters long.

- Do keep your computer operating system fully updated, and supported by a good anti-virus software (I recommend Kaspersky).
GTO is offline   Reply With Quote
Old 27th November 2011, 22:07   #36
Senior - BHPian
 
esteem_lover's Avatar
 
Join Date: Jul 2006
Location: Madras/Py
Posts: 7,554
Thanked: 433 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Happened to me as well. Thanks GTO.
esteem_lover is offline   Reply With Quote
Old 28th November 2011, 00:55   #37
Team-BHP Support
 
tsk1979's Avatar
 
Join Date: Feb 2005
Location: New Delhi
Posts: 22,850
Thanked: 15,406 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Quote:
Originally Posted by CrAzY dRiVeR View Post
What about 'keep me signed in till i log out' option? Is it safe to use?

I have used that option to prevent typing the password every time i log into team-bhp.
Yup, its safe. In this case all the server does it keep cookie on your browser. Password actually is not stored
tsk1979 is offline   Reply With Quote
Old 28th November 2011, 11:41   #38
Senior - BHPian
 
Join Date: Apr 2008
Location: Dombivli/Gurgao
Posts: 2,602
Thanked: 1,119 Times
Default Re: Suggestions for Team-BHP from Team-BHPians

Not much, at least financially. They could probably screw your PR by sending out PMs and making posts in your name, with unacceptable contents. Unless you are storing something concrete about your offline identity in your profile, such as your phone number, address etc.

As for recovering the hacked account, you would have to send a request to the mods, substantiating your claim of the account having been hacked, and they should be able to restore much of the stuff (if they have the backups available), including a new password. This depends on the backup policies of the site maintenance team.
honeybee is offline   Reply With Quote
Old 28th November 2011, 16:27   #39
BHPian
 
iron's Avatar
 
Join Date: Nov 2009
Location: Bombay
Posts: 226
Thanked: 30 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Similar attempt on my account as well.
Traced it to Brasil.
I really doubt if its someone from Brasil.
The cracker has probably routed the password cracking through a proxy server in brasil.
For other members as well who are posting IP's of different countries its the same method.
Apart from the ad bot that GTO has mentioned.
My wild guess is someone's teambhp membership got rejected too many times and he/she is pissed.
iron is offline   Reply With Quote
Old 28th November 2011, 18:51   #40
BHPian
 
jkrishnakj's Avatar
 
Join Date: Apr 2010
Location: Bangalore
Posts: 493
Thanked: 302 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Hapenned with me as well. I could trace this to Indonesia. Thanks GTO for reassuring. It has now prompted me to go and change my password.
jkrishnakj is offline   Reply With Quote
Old 29th November 2011, 09:29   #41
BHPian
 
pravingmh's Avatar
 
Join Date: May 2011
Location: Bangalore
Posts: 62
Thanked: 14 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Quote:
Originally Posted by prateekm View Post
I guess this isn't a hacking attempt by someone since it's not possible to get the email id's with which your TBHP ID is registered unless there is a vulnerability in VBulletin and the hacker can access the database.
This might be a bot scraping the members list. Is there a way to protect the members list for logged in users only in VBulletin?
pravingmh is offline   Reply With Quote
Old 29th November 2011, 11:02   #42
BHPian
 
prateekm's Avatar
 
Join Date: Nov 2009
Location: Mumbai & BLR
Posts: 755
Thanked: 307 Times
Default re: Email saying Team-BHP Account Locked? Don't worry - see pg 3

Quote:
Originally Posted by pravingmh View Post
This might be a bot scraping the members list. Is there a way to protect the members list for logged in users only in VBulletin?
Possible, yes. The sub-forums can be hidden and threads can be made visible only for members. But that would beat the whole purpose of the site since there are many who aren't members but still visit the forums and surf the site.

Last edited by prateekm : 29th November 2011 at 11:04.
prateekm is offline   Reply With Quote
Old 29th November 2011, 11:09   #43
BHPian
 
Join Date: Jun 2011
Location: Ahmedabad
Posts: 318
Thanked: 166 Times
Default Re: Team-BHP Account Locked

Quote:
Originally Posted by GTO View Post
Guys,

Don't worry. Neither has Team-BHP been hacked, nor have any of your passwords been compromised (server end).

This is basically an automated bot trying to gain access to your profile, similar to how they try & gain access to your gmail / hotmail account. The purpose is simple : (Presumably) to post marketing & spam links on the forum.
Thanks for the reassurance.

I actually had 04 mails within 55 seconds of one another stating the same thing (saw the other three mails later as they found their way to my bulk / spam mail folder), only the ip addresses mention were quite dissimilar.

My query is - if the account is locked once for full 15 minutes, would the system still keep on sending 'Account locked" message?

Just thought of bringing this to your notice, in case something needs to be looked into.
RadiantKarma is offline   Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads
Thread Thread Starter Forum Replies Last Post
Team-Bhp flooding your email? Solution posted here! Sahil Shifting gears 29 22nd August 2007 10:12


All times are GMT +5.5. The time now is 05:37.

Copyright 2000 - 2017, Team-BHP.com
Proudly powered by E2E Networks