Inkbunny

IB Gear Latest Popular Members Search
 
Welcome to Inkbunny...
Allowed ratings
To view member-only content, create an account. ( Hide )
AishaLove

New exploit may compromise your FA account. (please repost)

by
Recently an exploit has been found that allows a bot or someone other then you to create a journal under your FA user ID.

I don't understand the exploit, but if you see a journal linking to something, ask the person if it's legit. Also check your journals and make sure there is nothing you don't remember posting, if there is, delete it right away and inform your watchers.

If you have clicked any suspicious links from any of these journal entries, please change your password ASAP!
Viewed: 24 times
Added: 12 years, 10 months ago
 
7 Comments on this Journal
Leave a Comment...
drakiskier
drakiskier
12 years, 10 months ago
link
by the time i got to check my stuff today, i had nearly 50 deleted journals, so i think the admins are already on the case for sealing the exploit.     i checked and i didnt have any journals posted that i didnt make myself...

and it bet its not an 'exploit' in as much as its a bot taking the list of most commonly used passwords that was posted on the net of late and systematically trying every account and posting that journal.
AishaLove
AishaLove
12 years, 10 months ago
link
No it's an exploit, anyone can be effected, it hijacks your session cooky to send a false add journal packet. That's how it posts for you, the risk to your account being compromised is clicking those links, because someone using this exploit could phish for account info by inserting their links into trusted user's journals.
drakiskier
drakiskier
12 years, 10 months ago
link
ahh.

just another hole in the sinking ship of FA
Skunket
Skunket
12 years, 10 months ago
link
Admins never do nothing, probably journals got deleted by they own owners
Tuqui
Tuqui
12 years, 10 months ago
link
Thanks ^.=.^
AishaLove
AishaLove
12 years, 10 months ago
link
well it seems this is one of the good guys, this person "Evee" found this exploit back in October and told FA, but they did nothing. These links don't do anything harmful, they just post a journal with a link that posts a copy of that journal, it's just a demonstration of the exploit, he is not using it maliciously.
Tuqui
Tuqui
12 years, 10 months ago
link
Sometimes that's better, I saw people do this harmless to teach the admins, i seen couple of more funny ones too :P
New Comment:
Move reply box to top
Log in or create an account to comment.
 

Help

Information

Policy & Legal

Twitter Facebook LinkedIn

All artwork and other content is copyright its respective owners.

Powered by Harmony 'Gravitation' Release 80.

Content Server: Virginia Cache - provided by Inkbunny Donors. Background: Blank Gray.

The Inkbunny web application, artwork, name and logo are copyright and trademark of their respective owners.