Friday, July 21, 2006
Forum Spam Lists
I hate signing up to forums. There are a number of sites I visit regularly and read their forums, but never sign up even if I have something useful to say. I hate giving out my email address, even throw away addresses because then I still have to remember what I used and the password.
I am also always a bit worried about the site selling members' email addresses or accidently letting them leak. Well it looks like the latter has recently been happening with Invision Power Boards though it is certainly only the latest to be compromised.
I first heard about this at one of those forums I read but don't sign up for, someone noticed they were getting spam at a site specific address used only at that forum. He isn't the only one.
At Neowin, a hacker setup the site to download some Windows exploits when visited with IE. It was that malfomed .WMF file exploit from a while back which would only hit unpatched Windows system, but surely there are still plenty of those.
It seems Invision already has a fix for this, but of course no one keeps up on security patches. They also have a new version that includes this fix and now has a virus scanner built in.
I am also always a bit worried about the site selling members' email addresses or accidently letting them leak. Well it looks like the latter has recently been happening with Invision Power Boards though it is certainly only the latest to be compromised.
I first heard about this at one of those forums I read but don't sign up for, someone noticed they were getting spam at a site specific address used only at that forum. He isn't the only one.
At Neowin, a hacker setup the site to download some Windows exploits when visited with IE. It was that malfomed .WMF file exploit from a while back which would only hit unpatched Windows system, but surely there are still plenty of those.
It seems Invision already has a fix for this, but of course no one keeps up on security patches. They also have a new version that includes this fix and now has a virus scanner built in.