Welcome to Inkbunny...
Allowed ratings
To view member-only content, create an account. ( Hide )
AishaLove

New exploit may compromise your FA account. (please repost)

Recently an exploit has been found that allows a bot or someone other then you to create a journal under your FA user ID.

I don't understand the exploit, but if you see a journal linking to something, ask the person if it's legit. Also check your journals and make sure there is nothing you don't remember posting, if there is, delete it right away and inform your watchers.

If you have clicked any suspicious links from any of these journal entries, please change your password ASAP!
Viewed: 23 times
Added: 7 years, 2 months ago
 
drakiskier
7 years, 2 months ago
by the time i got to check my stuff today, i had nearly 50 deleted journals, so i think the admins are already on the case for sealing the exploit.     i checked and i didnt have any journals posted that i didnt make myself...

and it bet its not an 'exploit' in as much as its a bot taking the list of most commonly used passwords that was posted on the net of late and systematically trying every account and posting that journal.
AishaLove
7 years, 2 months ago
No it's an exploit, anyone can be effected, it hijacks your session cooky to send a false add journal packet. That's how it posts for you, the risk to your account being compromised is clicking those links, because someone using this exploit could phish for account info by inserting their links into trusted user's journals.
drakiskier
7 years, 2 months ago
ahh.

just another hole in the sinking ship of FA
Skunket
7 years, 2 months ago
Admins never do nothing, probably journals got deleted by they own owners
Tuqui
7 years, 2 months ago
Thanks ^.=.^
AishaLove
7 years, 2 months ago
well it seems this is one of the good guys, this person "Evee" found this exploit back in October and told FA, but they did nothing. These links don't do anything harmful, they just post a journal with a link that posts a copy of that journal, it's just a demonstration of the exploit, he is not using it maliciously.
Tuqui
7 years, 2 months ago
Sometimes that's better, I saw people do this harmless to teach the admins, i seen couple of more funny ones too :P
New Comment:
Move reply box to top
Log in or create an account to comment.