WELCOME TO RIVER DAVES PLACE

RdP hack....questions

riverroyal

Well-Known Member
Joined
Nov 4, 2007
Messages
9,495
Reaction score
9,257
Ive been pretty busy but i have stopped by and seen the hack stuff.
For a non tech guy like me, exactly what is happening?
Is a bug embedded into the site?
Is it automatically running or is there someone clicking a mouse ?
Is it safe to be on here?
Who fixes it? Im sure dave is pissed.
Is it random or targeted?

Ok, back to my sushi..
 

RiverDave

In it to win it
Joined
Sep 13, 2007
Messages
104,476
Reaction score
85,781
It’s an automatic thing (or cheap labor) registering new accounts with multiple IP addresses and posting various threads.


The website used to be we would have to approve every account. You guys have no idea how much work they is.

We switched to an automated system that weeds 99% of it but their is a new tool out that is by passing it.

I’m gonna have to institute more tech or more manual labor either way next week. IT guys are crazy busy finishing something for me, and it’s worth dealing with this to get it finished.

I will probably have them switch back to manual account activation tomorrow and I’ll waste 45 min a day just doing it.
 

riverroyal

Well-Known Member
Joined
Nov 4, 2007
Messages
9,495
Reaction score
9,257
Thanks for the info. So just a random thing forums get? What is the purpose of it? Just someone being a dick?
Maybe im too simple, but i think theres a financial gain as a reward for effort. Meaning why the fuck woukd someone spend time unleashing this unless there finance gain
 

LargeOrangeFont

Steering RDP Towards Political Moderation 😁
Staff member
Joined
Sep 4, 2015
Messages
26,424
Reaction score
34,561
As Dave noted, I would not classify it as a “hack” per se. It was an exploitation of the software that runs the site.

To put it into perspective the term “Hack” is used by most people the same way the term “Assault Rifle” is used by most people.

It can have many meanings but a “hack” is not always someone brute forcing their way through software or a bug.

If you leave a network port open at work, and someone plugs a computer in and steals data, you weren’t hacked, your company was just compromised by their own poor security policy. That would be the same as leaving your front door wide open all day as you left for work every day then wondering why all your stuff was stolen from your house.
 

LargeOrangeFont

Steering RDP Towards Political Moderation 😁
Staff member
Joined
Sep 4, 2015
Messages
26,424
Reaction score
34,561
As a non tech guy hack covers everything. Not operating normal, yeap thats a hack for me .
Understood. The term does cover everything.

Just know that not all “hacks” are equal. Sometimes people say they were “hacked” when they left a webpage open logged into their social media account. Most hacks are the result of users doing something dumb and in essence leaving a door open for an attacker to waltz on in.
 

riverroyal

Well-Known Member
Joined
Nov 4, 2007
Messages
9,495
Reaction score
9,257
Understood. The term does cover everything.

Just know that not all “hacks” are equal. Sometimes people say they were “hacked” when they left a webpage open logged into their social media account. Most hacks are the result of users doing something dumb and in essence leaving a door open for an attacker to waltz on in.
I get that. But what is the motivation to do it?
I always have a hard time believing its just for fun. Is there no real gain for the person that creates this type of thing?
Sorry, im intrigued by these things and dont know much about it. My work group and social group is very much like me, we are not in the tech or computer world.
 

CJ_Donahue

Well-Known Member
Joined
May 24, 2018
Messages
1,016
Reaction score
2,231
Democrats.....snowflakes. Retaliation for the P&G Section. :)
I know you were joking but it act actually crossed my mind. RDP is one of the very few consistent pro Trump sites I know that is still open to the public. It is not controlled by facebook and not a political site either. There are plenty of people who would not be sad if this site was hurt.
 

LargeOrangeFont

Steering RDP Towards Political Moderation 😁
Staff member
Joined
Sep 4, 2015
Messages
26,424
Reaction score
34,561
I get that. But what is the motivation to do it?
I always have a hard time believing its just for fun. Is there no real gain for the person that creates this type of thing?
Sorry, im intrigued by these things and dont know much about it. My work group and social group is very much like me, we are not in the tech or computer world.

It’s just a test. The likely goal is to get users to click malicious links. They are probably not trying to get info from the site, but rather get info from users on the site by directing them them to other malicious sites.
 

SpeedyWho

Well-Known Member
Joined
Jul 17, 2018
Messages
486
Reaction score
1,147
I’ve seen it happen on other forums visit. I’m sure it’s troublesome for the owners of the sites but it doesn’t seem to do anything malicious, just a pain in the ass.
 

monkeyswrench

Well-Known Member
Joined
Sep 7, 2018
Messages
10,173
Reaction score
19,719
It’s an automatic thing (or cheap labor) registering new accounts with multiple IP addresses and posting various threads.


The website used to be we would have to approve every account. You guys have no idea how much work they is.

We switched to an automated system that weeds 99% of it but their is a new tool out that is by passing it.

I’m gonna have to institute more tech or more manual labor either way next week. IT guys are crazy busy finishing something for me, and it’s worth dealing with this to get it finished.

I will probably have them switch back to manual account activation tomorrow and I’ll waste 45 min a day just doing it.
So the IT guys are finishing something for RD, and I'm the only curious one?
Center Console Dave's?
Havasu Boat Exchange?
RD's Limo and Bus (Concierge stuff, from bar to bar, or showroom to launch;))

Or...

maybe I'll finally get a middle finger emoji, or a barfing one!
 

JayBreww

Well-Known Member
Joined
Dec 22, 2015
Messages
1,242
Reaction score
1,695
So the IT guys are finishing something for RD, and I'm the only curious one?
Center Console Dave's?
Havasu Boat Exchange?
RD's Limo and Bus (Concierge stuff, from bar to bar, or showroom to launch;))

Or...

maybe I'll finally get a middle finger emoji, or a barfing one!
I just wanna see TPC’s signatures on the app....


Sent from my iPhone using Tapatalk
 

mjc

Retired Neighbor
Joined
Jan 3, 2008
Messages
8,923
Reaction score
4,611
Rd do you do the mail a link and then come back in thing when somebody signs up or something else?
 

02HoWaRd26

Well-Known Member
Joined
Dec 19, 2007
Messages
6,826
Reaction score
12,694
Thanks for the info. So just a random thing forums get? What is the purpose of it? Just someone being a dick?
Maybe im too simple, but i think theres a financial gain as a reward for effort. Meaning why the fuck woukd someone spend time unleashing this unless there finance gain
That seems similar to any and all Grad’s posts. I’ve actually found these Chinese recipes more enjoyable than his posts.
 

Racey

Maxwell Smart-Ass
Joined
Sep 18, 2007
Messages
16,159
Reaction score
24,018
When you see those "I am not a robot" recaptchas online, this is exactly what they are preventing.
 

ka0tyk

Well-Known Member
Joined
Oct 4, 2010
Messages
7,516
Reaction score
5,990
shogun is now an approved advertiser on RDP, they were posting their weekend specials.
 

rivermobster

Club Banned
Joined
Dec 28, 2009
Messages
39,149
Reaction score
19,898
I get that. But what is the motivation to do it?
I always have a hard time believing its just for fun. Is there no real gain for the person that creates this type of thing?
Sorry, im intrigued by these things and dont know much about it. My work group and social group is very much like me, we are not in the tech or computer world.
Here is a real world example for you...

I built a site for one of the members on here. When it was done, we sat down to Google his competition in the area, to make sure his site was showing first. He knew most every other guy in his business, except for one, that was a couple of cities away.

Me: So click it! Let's find out who this is!

Us: Oh fuck...

The site was for a legitimate business, but there was and add for Viagra showing instead!!! lol The site had been hacked, and the business owner had no idea.

Why?

All it would take would be one dumbazz, putting in his credit card, to buy Viagra on the sly, and now they have the CC information!

So..................

I went by the business, since it was on my way to work, and asked em: Did you know your web site has been hacked??

Them: No it's not, see? It's just fine! And they pulled it up on THEIR computer.

Me: Try and pull the site up on your phone, not hooked to your wifi, now what do you see?

Them: Uhhhhh...ohhhhhh.

After I convinced em, I wasn't the guy that did it, I ended up with a new client.

And everyone lived happily ever after!

@Inland Air Balance

This is just ONE example. As LOF said, there are many different was an unsecured site can be exploited. This site (RDP) is safe. :)
 

monkeyswrench

Well-Known Member
Joined
Sep 7, 2018
Messages
10,173
Reaction score
19,719
Here is a real world example for you...

I built a site for one of the members on here. When it was done, we sat down to Google his competition in the area, to make sure his site was showing first. He knew most every other guy in his business, except for one, that was a couple of cities away.

Me: So click it! Let's find out who this is!

Us: Oh fuck...

The site was for a legitimate business, but there was and add for Viagra showing instead!!! lol The site had been hacked, and the business owner had no idea.

Why?

All it would take would be one dumbazz, putting in his credit card, to buy Viagra on the sly, and now they have the CC information!

So..................

I went by the business, since it was on my way to work, and asked em: Did you know your web site has been hacked??

Them: No it's not, see? It's just fine! And they pulled it up on THEIR computer.

Me: Try and pull the site up on your phone, not hooked to your wifi, now what do you see?

Them: Uhhhhh...ohhhhhh.

After I convinced em, I wasn't the guy that did it, I ended up with a new client.

And everyone lived happily ever after!

@Inland Air Balance

This is just ONE example. As LOF said, there are many different was an unsecured site can be exploited. This site (RDP) is safe. :)
Wow, I'm new to technology stuff. I didn't know stuff like that even happened. I guess I prefer my crime the old fashioned way...

On the other hand, now I know why my Viagra didn't show up:D
 

rmarion

Well-Known Member
Joined
Mar 14, 2008
Messages
5,671
Reaction score
8,895
Here is a real world example for you...

I built a site for one of the members on here. When it was done, we sat down to Google his competition in the area, to make sure his site was showing first. He knew most every other guy in his business, except for one, that was a couple of cities away.

Me: So click it! Let's find out who this is!

Us: Oh fuck...

The site was for a legitimate business, but there was and add for Viagra showing instead!!! lol The site had been hacked, and the business owner had no idea.

Why?

All it would take would be one dumbazz, putting in his credit card, to buy Viagra on the sly, and now they have the CC information!

So..................

I went by the business, since it was on my way to work, and asked em: Did you know your web site has been hacked??

Them: No it's not, see? It's just fine! And they pulled it up on THEIR computer.

Me: Try and pull the site up on your phone, not hooked to your wifi, now what do you see?

Them: Uhhhhh...ohhhhhh.

After I convinced em, I wasn't the guy that did it, I ended up with a new client.

And everyone lived happily ever after!

@Inland Air Balance

This is just ONE example. As LOF said, there are many different was an unsecured site can be exploited. This site (RDP) is safe. :)
so what was the cost of the Viagra? Just asking for a friend
 

rivermobster

Club Banned
Joined
Dec 28, 2009
Messages
39,149
Reaction score
19,898
Wanna move to Iceland?? :D

https://arstechnica.com/tech-policy/2018/03/bitcoin-thirst-spurs-icelandic-heist-grand-theft-on-a-scale-unseen-before/

Eleven people have been arrested in Iceland as a result of what local media are calling the “Big Bitcoin Heist”—600 mining computers were recently stolen from Icelandic data centers in four separate burglaries between December 2017 and January 2018.

According to the Associated Press, which cited Icelandic authorities, the heist is “the biggest series of thefts ever” in the island nation.

So far, a Reykjanes District Court judge ordered two of the 11 arrested individuals to remain in custody. Apparently, the specialized machines have not yet been located and are worth approximately $2 million.

"This is a grand theft on a scale unseen before," Olafur Helgi Kjartansson, the police commissioner on the southwestern Reykjanes Peninsula (where two of the burglaries took place), told the AP. "Everything points to this being a highly organized crime."

Given that electricity is relatively cheap in Iceland compared to other parts of Europe thanks to the country's plentiful geothermal energy, Bitcoin mining has been in high demand despite Iceland's population of just over 300,000 people. Later this year, Bitcoin mining is expected to draw more energy than all of its residents combined.
 

nameisbond

Well-Known Member
Joined
Sep 1, 2017
Messages
4,015
Reaction score
2,274
Its annoying!!!!!! My cell keeps getting a call that's a recording in Chinese plays when you answer. I've tried blocking them, they just call again from a different number. If I don't answer, it fills my voicemail in Chinese. My SIL is Chinese and I like her. But its hard not to be racist!
 

Yellowboat

Well-Known Member
Joined
Dec 18, 2007
Messages
16,110
Reaction score
6,352
It's just some one trying to cheat people out if money. All it takes is one gullible person to make it worth thier time.

It happens on pretty much every forum out there from time to time. I have seen it on the small ones, the big ones and every where in between.
 

2Driver

Well-Known Member
Joined
Dec 21, 2007
Messages
12,045
Reaction score
14,751
I always thought buying space on Hilary’s basement server was a bad idea
 

gqchris

Well-Known Member
Joined
Mar 24, 2008
Messages
5,269
Reaction score
4,764
Understood. The term does cover everything.

Just know that not all “hacks” are equal. Sometimes people say they were “hacked” when they left a webpage open logged into their social media account. Most hacks are the result of users doing something dumb and in essence leaving a door open for an attacker to waltz on in.
Im in IT. 99% of “hacks” are socially engineered. Human Error or Laziness or SOP’s werent followed.

This falls under lazy. Nothing against Dave. He admits it took forever to manually approve every new account. But there is a consequence for automation.

I use TFA, two factor authentication, for EVERYTHING important. Meaning I get a text, or use my Googe Authenticator app to get a 1 time code to login. Its a pain in ass. Yes. But its peace of mind.

And for heavens sake, if you use the same password for here as you do your bank or email, please change it! Dont use secure passwords on forums, sign ups etc.

Rant Done. Lol

IMG_1497.jpg
 

LargeOrangeFont

Steering RDP Towards Political Moderation 😁
Staff member
Joined
Sep 4, 2015
Messages
26,424
Reaction score
34,561
Im in IT. 99% of “hacks” are socially engineered. Human Error or Laziness or SOP’s werent followed.

This falls under lazy. Nothing against Dave. He admits it took forever to manually approve every new account. But there is a consequence for automation.

I use TFA, two factor authentication, for EVERYTHING important. Meaning I get a text, or use my Googe Authenticator app to get a 1 time code to login. Its a pain in ass. Yes. But its peace of mind.

And for heavens sake, if you use the same password for here as you do your bank or email, please change it! Dont use secure passwords on forums, sign ups etc.

Rant Done. Lol

View attachment 795410

We should talk again about work. I’m in enterprise sales for an IT integrator/service provider.
 

C-2

Well-Known Member
Joined
Sep 26, 2007
Messages
9,543
Reaction score
4,133
I maintain a simple website, but due to the services offered, it kind of invites hackers to attack it. But, it has always been a secure site and now it is proxied behind Cloudflare. Thus far, no problems.

X2 on 2-factor on everything, all easily managed by the Authy App. RoboForm to manage the countless numbers of unique passwords.

I imagine a captcha system and email verification along with a simple security rule would make small work of the Asian invasion. Cloudflare offers country IP blocks, or challenge questions, I wonder how much it costs for a BB?

While poking around on Cloudflare I stumbled on their WARP/1.1.1.1 project..hmmm, looks pretty bad ass.
 

riverroyal

Well-Known Member
Joined
Nov 4, 2007
Messages
9,495
Reaction score
9,257
Great info....thanks
Sand sport sunday for us maybe.
Kaaboo for Friday and Saturday. My liver and feet might be in bad shape
 
Top