Spam from MFL (1 Viewer)

[scientist]

I initially had this in the FFA, but someone suggested I move it here.

It appears the MFL forum "support" account may have been compromised. I've been getting spam this morning from [email protected], with my username in the salutation, directing me to a new forum at a site called "hackforce" with a .ru domain. The typical cause for this sort of thing is that someone found a support/admin account with a weak password, brute forced it or guessed it, and can now log on as that user. I'm wondering if the support account has access to the login credentials of board members...

I use a password generated by the forum, but if anyone changed their MFL forum username and password to match their regular MFL passwords, you may want to consider changing them. I'm also wondering if whoever uses the support account on the boards uses the same password for their ID on the actual MFL site, and whether or not that person has support/admin privileges on MFL. If so, then there is a chance that your login credentials on the actual MFL site are compromised.

I don't want this to turn into a "best practices" thread on how not to get pwnd on the Internet, or enumerate the various ways someone may be sending spam from that account without logging in as them, I just wanted to give a heads up to a large population of MFL users that something funny is going on with their message board and possible reasons for concern.

 

[Colts Win]

I initially had this in the FFA, but someone suggested I move it here.It appears the MFL forum "support" account may have been compromised. I've been getting spam this morning from [email protected], with my username in the salutation, directing me to a new forum at a site called "hackforce" with a .ru domain. The typical cause for this sort of thing is that someone found a support/admin account with a weak password, brute forced it or guessed it, and can now log on as that user. I'm wondering if the support account has access to the login credentials of board members...I use a password generated by the forum, but if anyone changed their MFL forum username and password to match their regular MFL passwords, you may want to consider changing them. I'm also wondering if whoever uses the support account on the boards uses the same password for their ID on the actual MFL site, and whether or not that person has support/admin privileges on MFL. If so, then there is a chance that your login credentials on the actual MFL site are compromised.I don't want this to turn into a "best practices" thread on how not to get pwnd on the Internet, or enumerate the various ways someone may be sending spam from that account without logging in as them, I just wanted to give a heads up to a large population of MFL users that something funny is going on with their message board and possible reasons for concern.

I've never set up an account for there forums that I remember and I also received this email. I do play in several MFL leagues.

 

[BeTheMatch]

Yes, I've gotten seven of them. I emailed MFL but haven't received a response yet.

 

[vinwinephans]

I've gotten one - just a owner, not a commish, never requested support that I can think of.

 

[BeTheMatch]

Well, now the existing support forums for MFL are gone:

The forum has been temporarily been taken offline. Earlier today we had what we believe to be a hack into the forum where someone or something was able to access the bulk email capability of the forum. It only allowed them to send email to everyone who has registered with the forum and email addresses are secure. The forum will come back up once we determine what the fix is and implement it. We apologize in advance for any inconvenience this may cause.

MyFantasyLeague.com Support

 

[Grigs Allmoon]

Quit using MFL years ago... Can't say I'm surprised their DB was compromised.