Hello Derkyit also looks like legit accounts were compromised.
A colleague brought your topic to my attention the day before yesterday. We've been seeing exactly the same problem for a few weeks now: old, long-unused accounts that were previously used for normal posts are now suddenly being abused for spam. With the exact same URL as a link in the post.
I've been working on an extension for 2 weeks. This is designed to combat the potential problem with old accounts. We are currently testing the extension within the team. In this context, I also try to collect further information in parallel.
If I understand your starting post correctly (with my terrible English ^^), then the phpBB logins were not hijacked using compromised email accounts, but in some other way. This would also correspond to our assumptions, since the PW reset would be the only way to hijack a phpBB account via email.
And my extension is also based on the assumption that the email account is not affected.
My question now is: have you received any new information about how the phpBB login data was compromised?
Statistics: Posted by LukeWCS — Thu Mar 21, 2024 6:09 pm