# SECURITY ALERT!! -- Please Read!!

## JLC

Spammers....the parasitic slime of all good internet sites....have found a new technique for infiltrating our site and spreading their filth.  

*I highly encourage...strongly encourage...EVERYone who reads this, if you have a registered account here at BP.net, whether you post every day, or just lurk and read (especially if you just lurk and read, I fear) CHANGE YOUR PASSWORD.  Make it something truly secure, with a mix of uppercase and lowercase letters, numbers, special symbols and no obvious, actual words.*  

Hopefully our tech guy can find this security leak and plug it up tight.  I don't really know how this is being done.  But changing to a truly secure password is the first logical step to keeping the bad guys out.

----------

Albert Clark (03-27-2015), Clementine_3 (02-25-2015), Gio (03-30-2015), Popeye (03-31-2015), Ridinandreptiles (03-31-2015), Snoopyslim (07-30-2016), The Golem (02-25-2015), tttaylorrr (03-30-2015), WarriorPrincess90 (02-25-2015)

----------


## WarriorPrincess90

Are they hacking legitimate accounts?  :Surprised:

----------


## George1994

Wait, are they getting the passwords of users and taking over their accounts? Could they not just be poor passwords that have been brute forced or figured out from patterns of passwords or even commandeered email accounts? If that is the case, it may not be the site's issue.

----------


## Tsanford

So is the security flaw only affecting weak passwords? If our password already meets your description above does it still need to be changed?

----------


## George1994

It is always good to be safe, however, even if anyone has gotten any access to the site, the passwords shouldn't be stored in plaintext, and should be encrypted. Which they most likely are.

----------


## JLC

> Wait, are they getting the passwords of users and taking over their accounts? Could they not just be poor passwords that have been brute forced or figured out from patterns of passwords or even commandeered email accounts? If that is the case, it may not be the site's issue.


We don't know yet.  The problem MAY be poor passwords that have been "brute forced" and that is the reason for this warning.  If you have a weak password, it needs to be changed.  

Yes, our password database is encrypted.  I can't tell anyone what their password is.  I can only change them if one gets forgotten.  I really don't think the security breach is THAT big that they've gotten into all the actual account keys.  But they've gotten into SOME, and until we know why and how, it behooves everyone to make sure they have something not easily forced. 

If you already have one that you feel is sufficiently strong, it should be fine.  If they can see past the encryption and look at everything anyhow, then changing it wouldn't make much difference anyhow.

----------


## George1994

Nice, this is good news. I doubt they have managed to get the keys, and they sure as hell haven't beaten the encryption haha! My first guess was either brute forcing or people using the same passwords etc. Thanks for the news.

----------


## wolfayal

I only really use my account for lurking and reading purposes, but I did receive an email on 2/12 letting me know someone had unsuccessfully tried to log in to my account. Do you all need/want me to forward it on to you?

----------

jaded (03-10-2015)

----------


## mlededee

This is most likely a matter of accounts with very weak passwords like "password" becoming compromised. However, the fact is, spammers are gaining access to some accounts and it is in everyone's best interest to make sure they have a strong password as mentioned above and it never hurts to update your password to something new just to be on the safe side. If you received an email about someone attempting to log in to your account you should most definitely change your password to something as secure as possible.

----------


## mlededee

We have updated files and changed some settings, so at this point we should be good to go. There were never any security breaches or anything serious, this was just a straightforward dictionary attack that likely picked up on a few accounts with easy passwords. If you have a super simple password, it would still be a good idea to change it to something more secure, but that is true for any web site. If you receive any suspicious private messages in the future please report them and we will take care of the issue right away.

----------

ballpythonluvr (02-26-2015), Citrus (02-25-2015), Clementine_3 (02-25-2015), Felidae (02-25-2015), George1994 (02-25-2015), JLC (02-25-2015), OhhWatALoser (02-25-2015), Popeye (03-31-2015)

----------


## Citrus

> Spammers....the parasitic slime of all good internet sites....have found a new technique for infiltrating our site and spreading their filth.  
> 
> *I highly encourage...strongly encourage...EVERYone who reads this, if you have a registered account here at BP.net, whether you post every day, or just lurk and read (especially if you just lurk and read, I fear) CHANGE YOUR PASSWORD.  Make it something truly secure, with a mix of uppercase and lowercase letters, numbers, special symbols and no obvious, actual words.*  
> 
> Hopefully our tech guy can find this security leak and plug it up tight.  I don't really know how this is being done.  But changing to a truly secure password is the first logical step to keeping the bad guys out.


I have a concern. I'm using Tapatalk and I rarely look at messages or notifications because there is no banner to show that they're there like on the bp.net website. I looked at it and it said there was something there from someone (can't remember name) and all I was able to read in the preview was something like this "we've found new ways for you to sell your snakes" or something similar. The app failed and it didn't appear in my messages after that. Is this what you were referring to? The message looked like spam and so I brushed it off but now that this thread exists....


Sent from my iPhone using Tapatalk

----------


## George1994

> I have a concern. I'm using Tapatalk and I rarely look at messages or notifications because there is no banner to show that they're there like on the bp.net website. I looked at it and it said there was something there from someone (can't remember name) and all I was able to read in the preview was something like this "we've found new ways for you to sell your snakes" or something similar. The app failed and it didn't appear in my messages after that. Is this what you were referring to? The message looked like spam and so I brushed it off but now that this thread exists....
> 
> 
> Sent from my iPhone using Tapatalk


But it wasn't from you, it was sent to you, no? So no one was using your account.

----------


## Citrus

> But it wasn't from you, it was sent to you, no? So no one was using your account.


Yes and, 



> If you receive any suspicious private messages in the future please report them and we will take care of the issue right away.






Sent from my iPhone using Tapatalk

----------


## George1994

> Yes and,
> 
> Sent from my iPhone using Tapatalk


It is most likely in regards to phishing or identifying accounts taken. Either way, it is gone now so I wouldn't worry about it.

----------

Citrus (02-25-2015)

----------


## Citrus

> It is most likely in regards to phishing or identifying accounts taken. Either way, it is gone now so I wouldn't worry about it.


That's exactly what a person who is trying to take over accounts would say..... Lol just kidding  :Very Happy: 


Sent from my iPhone using Tapatalk

----------


## mlededee

Citrus, that is one of the spam messages that was sent. We deleted the spam messages which is why you can no longer see it.

----------

Citrus (02-26-2015)

----------


## Citrus

> Citrus, that is one of the spam messages that was sent. We deleted the spam messages which is why you can no longer see it.


Thank you, I knew that was sketchy


Sent from my iPhone using Tapatalk

----------


## Popeye

I just received this email today:

*************
Dear Popeye,

Someone has tried to log into your account on Ball-Pythons.net Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address: 117.169.1.158

All the best,
Ball-Pythons.net Forums.

************

Maybe time to change my password?

----------


## Citrus

I would


Sent from my iPhone using Tapatalk

----------

Popeye (03-30-2015)

----------


## Popeye

Password changed!  :Very Happy:

----------


## Bluebonnet Herp

I can tell anyone right now that if your password is something basic like ninja1234, your account is toast. And you know who you are. Think long and hard about your passwords; get creative and make them more individual, very variable, and ultimately secure. Alternatively, if you're not good at coming up with passwords, then smash your hands on the keyboard for a minute, write down your result, and use that as your password until you eventually remember it, if ever.

----------

dr del (03-31-2015)

----------


## George1994

> I can tell anyone right now that if your password is something basic like ninja1234, your account is toast.


I would say this is completely true. The people trying to get their passwords aren't the people attacking banks or even entire countries. They don't have the capabilities to pull that many passwords as easily as that. My password is only 10 characters long, been perfectly safe. I am pretty certain that is from people using the exact same passwords for other things. Such as Hotmail accounts, seeing as they get hijacked very very often. 

Unfortunately, having an impenetrable password, that is unique for every website, isn't going to happen. Too complex. Banking you need to be secure, this, not so much. 

But, then again, it isn't hard to make a good password people.

----------

Bluebonnet Herp (03-30-2015)

----------


## Shann

> I just received this email today:
> 
> *************
> Dear Popeye,
> 
> Someone has tried to log into your account on Ball-Pythons.net Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.
> 
> The person trying to log into your account had the following IP address: 117.169.1.158
> 
> ...


I got a similar email a couple weeks ago.

----------


## Citrus

What does anyone gain from logging into accounts on this website? Are they going to change someone's 1.2 normals to 30.2 purple passions?


Sent from my iPhone using Tapatalk

----------


## George1994

> What does anyone gain from logging into accounts on this website? Are they going to change someone's 1.2 normals to 30.2 purple passions?
> 
> 
> Sent from my iPhone using Tapatalk


Sending spam emails to other users hoping to install viruses, install malware, phish for other information.

----------

Citrus (03-31-2015)

----------


## mooingtricycle

Someone tried logging into my account at 5:47 this morning... Got locked out, but still, that's kinda creepy.

----------


## Citrus

Do you guys think they are more likely to target the members who do not post too often?


Sent from my iPhone using Tapatalk

----------


## Daniel.michelle

I got a notification in my inbox today trying to sell me stuff.  It seemed like a spambot.

----------


## Stewart_Reptiles

> I got a notification in my inbox today trying to sell me stuff.  It seemed like a spambot.


Yep, that one was taken care of; even the staff received that PM.

Whenever you receive a spammy PM please report it so we are aware of it and can suspend the account while investigating.

----------


## George1994

> Do you guys think they are more likely to target the members who do not post too often?
> 
> 
> Sent from my iPhone using Tapatalk


I doubt they are targeted attacks. Nothing to gain from here. Probably just using hacked emails and similar or very weak passwords. Could post 1000 times a day, if your password is weak it can be broken.

----------


## Boomerang

I know a little about internet security and I can say that it's not likely one guy randomly choosing cheesy passwords, there are Bots out there that will run your account through thousands of possible choices in a very short amount of time to see if any work. So please don't be the complete idiot with the password as "Password", no names of your animals, your city, your car... anything that has anything to do with you.  DON'T use a password that has any correlation to anything you own, where you live, your high school...nothing that is personally identifiable.  THOSE are so EASY and only take a few seconds to figure out.

The Other thing: STOP using the same password for everything you do online.  One password for one account.  Anything else is just being lazy and you deserve what you get because you're basically begging to be hacked.

----------


## George1994

> I know a little about internet security and I can say that it's not likely one guy randomly choosing cheesy passwords, there are Bots out there that will run your account through thousands of possible choices in a very short amount of time to see if any work.


Doubt it, does this website not block access to your account after a few incorrect attempts like most websites?

----------
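
The lockout described in the notification email quoted earlier in the thread (5 failed logins, then a 15-minute block), replayed over constructed login events as an added example; it is not the forum software's code. It assumes the block is keyed on source IP plus account, and adds an assumed cross-account check (`SPRAY_ACCOUNTS`) for one address failing against several accounts, the pattern a dictionary attack leaves in the logs.

```python
from collections import defaultdict
from datetime import datetime, timedelta

MAX_FAILURES = 5                 # "at least 5 times", from the quoted email
LOCKOUT = timedelta(minutes=15)  # "for the next 15 minutes", same email
SPRAY_ACCOUNTS = 3               # assumed: distinct accounts one IP may fail against

# Constructed sample events: (time, source IP, account, password_correct).
# IPs are from documentation ranges; account names are made up.
T0 = datetime(2015, 3, 30, 5, 40)
EVENTS = (
    [(T0 + timedelta(seconds=i), "203.0.113.7", "alice", False) for i in range(5)]
    + [(T0 + timedelta(minutes=1), "203.0.113.7", "alice", True),    # right guess, too late
       (T0 + timedelta(minutes=2), "203.0.113.7", "bob", False),
       (T0 + timedelta(minutes=3), "203.0.113.7", "carol", False),
       (T0 + timedelta(minutes=4), "198.51.100.9", "dave", False),   # owner's typo
       (T0 + timedelta(minutes=5), "198.51.100.9", "dave", True),
       (T0 + timedelta(minutes=16), "203.0.113.7", "alice", True)]   # block has expired
)

def replay(events):
    """Apply the lockout policy; return (status per event, IPs to review)."""
    failures = defaultdict(int)         # (ip, account) -> failures since last reset
    locked_until = {}                   # (ip, account) -> when the block ends
    failed_accounts = defaultdict(set)  # ip -> accounts it failed against
    statuses = []
    for ts, ip, account, ok in sorted(events):
        key = (ip, account)
        if key in locked_until:
            if ts < locked_until[key]:
                statuses.append("blocked")   # rejected even if the password is right
                continue
            del locked_until[key]            # block expired: start counting afresh
            failures[key] = 0
        if ok:
            failures[key] = 0
            statuses.append("login")
            continue
        failures[key] += 1
        failed_accounts[ip].add(account)
        if failures[key] >= MAX_FAILURES:
            locked_until[key] = ts + LOCKOUT
            statuses.append("locked")        # point at which the email would go out
        else:
            statuses.append("failed")
    review = sorted(ip for ip, a in failed_accounts.items() if len(a) >= SPRAY_ACCOUNTS)
    return statuses, review

if __name__ == "__main__":
    print(replay(EVENTS))
```

The per-account counter never sees that `203.0.113.7` also failed against `bob` and `carol`; only the cross-account set puts that address on the review list, while the single typo from `198.51.100.9` stays off it.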


## Citrus

I got a message trying to sell me stuff... Had a link to eBay.


Sent from my iPhone using Tapatalk

----------


## JLC

> I got a message trying to sell me stuff... Had a link to eBay.
> 
> 
> Sent from my iPhone using Tapatalk


A private message sent to you here?  Please send that to me or another staff member.  There should be a "report" button somewhere on the private message that you can use.  If you can't find that, you can copy/paste the message, but be sure to include the sender's name.

EDIT for PS:  If that private message has suddenly disappeared, that means we've already found the hijacked account and deleted all sent messages from that account.

----------


## CatandDiallo

It's happening again!

----------


## piedlover79

Ack!  The spambot has struck again!

----------


## dr del

You need to report the PM so we know which user is sending them out.  :Wink:

----------

