Update re: HACKED

[YZFoxxy]

Thank's ****er.........Who's crying all i need now is Foxy under my mistletoe......

Merry Christmas Richie.. Sending hugs and kisses your way!!

Once she wakes up and leaves the bed I'll let her know

Thanks for reminding me to send that msg to Richie!

Did she and your wife make sandwiches again last night....

If his wife and I were able to walk after.. he didn't earn any sandwiches!! lol

dude! hook me up with some of that chloroform!

Silly Kitty.. you don't need any chloroform!!

 

[Two50noob]

It's at my brothers getting what's left of my files put on a new hard drive

http://m.tigerdirect.ca/applications/searchtools/item-details.asp?EdpNo=2477926

remove the drive and get one of these then you can navigate to the files and save them. It turn the dusk basically into a USB drive. But remember viruses spread so you should do it on another PC that u don't mind losing make sure you av and patches are upto date and make sure you scan the files before putting them back on your new pc.

 

[irv]

You want them to post on a public forum the technical steps that they took to ensure this doesn't happen again?

I don't necessarily want a step-by-step, but I would like some assurance that our passwords are no longer being stored in plaintext at the very least.

If the passwords were able to be read in the first place then I'm thinking there were some security basics being ignored.

Anyhow, I was more or less curious as to specific exploits that may or may not have been used and that they are no longer vulnerable to the same exploits.

Hopefully they are well on their way to getting everything back operational and secured!

Merry Christmas all.

 

[Germax]

Don't think it was plaintext but some hashes are easier to crack than others. Also having crappy password pretty much guarantees it will be discovered.

 

[wheeliemachine]

Just received my first spam message on my GTAM only e-mail address (that I was using before the hack):

----------------

Greetings from Amazon.com

Please take the time to read this message

it contains important information about your Amazon.com account.

After careful review of your account, we believe it may have been re-accessed and again used by a third-party to make purchases without your permission.

It seems that someone obtained your personal account and/or financial information elsewhere, and used it on Amazon.com to re-access your account.

Please note that no unauthorized charges were completed as we were able to cancel the newly placed order(s).

We have taken immediate steps to secure your account. To prevent further access by the unauthorized third-party,

we have temporarily disabled access to your account, and removed any credit cards or other payment methods from your account.

Any unauthorized orders have been removed from your account.

You should disregard any confirmation emails you may have received for these orders.

Additionally, if any information was added to your account by someone other than you, it has been removed.

Please note that you will need to re-enter your complete credit or debit card number .

--------------------------------------------------------

Click the link below to open a secure browser window.

Confirm that you're the owner of the account.

https://www.amazon.com/gp/css/homepage.html

--------------------------------------------------------

Thank you for shopping at Amazon.com.

Sincerely,

Shannon S.
Verifications Specialist
Amazon.com
http://www.amazon.com

---------------------

 

[Germax]

This is actually phishing. We all can expect much of this and tons of spam too unfortunately.

 

[Slick_Steveo]

Just received my first spam message on my GTAM only e-mail address (that I was using before the hack):

----------------

Greetings from Amazon.com

Please take the time to read this message

it contains important information about your Amazon.com account.

After careful review of your account, we believe it may have been re-accessed and again used by a third-party to make purchases without your permission.

It seems that someone obtained your personal account and/or financial information elsewhere, and used it on Amazon.com to re-access your account.

Please note that no unauthorized charges were completed as we were able to cancel the newly placed order(s).

We have taken immediate steps to secure your account. To prevent further access by the unauthorized third-party,

we have temporarily disabled access to your account, and removed any credit cards or other payment methods from your account.

Any unauthorized orders have been removed from your account.

You should disregard any confirmation emails you may have received for these orders.

Additionally, if any information was added to your account by someone other than you, it has been removed.

Please note that you will need to re-enter your complete credit or debit card number .

--------------------------------------------------------

Click the link below to open a secure browser window.

Confirm that you're the owner of the account.

https://www.amazon.com/gp/css/homepage.html

--------------------------------------------------------

Thank you for shopping at Amazon.com.

Sincerely,

Shannon S.
Verifications Specialist
Amazon.com
http://www.amazon.com

---------------------

I got the same email.

 

[Two50noob]

I got the same email.

its almost impossible to know if this spam is the result of the hack or if its just been obtained elsewhere.
As always people need to watch out.

and you should report this to your email provider and amazon

 

[Slick_Steveo]

and you should report this to your email provider and amazon

Will do !!

 

[cors]

I got it too. 7:47pm last night.

 

[Slick_Steveo]

here is the email I sent Amazon

"To Whom it may concern,

I received the attached email from Amazon.com

Please delete my account and all payment related details.

I will await confirmation that you have done so.

Regards"

 

[Dresden]

I have received it too.

Effing hell.

 

[Two50noob]

I have received it too.

Effing hell.

It does not mean they have hacked your account. It just means someone is trying to Phish you. If you use a good email service like Gmail most of the stuff that gets sent to you wont reach you.

 

[wheeliemachine]

Just received my first spam message on my GTAM only e-mail address ...

its almost impossible to know if this spam is the result of the hack or if its just been obtained elsewhere.

Oh trust me, I know

 

[Slick_Steveo]

Oh trust me, I know

seriously Jamie?...you have knowledge of this?....and you have nothing to do with it?

 

[wheeliemachine]

seriously Jamie?...you have knowledge of this?....and you have nothing to do with it?

If the e-mail address was ONLY used to sign up with GTAM, of course then it was only obtained from the hacked GTAM database. Look at how many people in this thread received the IDENTICAL e-mail, coincidence? I think not.

They even spammed banned accounts, how dare the hackers!

The hacker (Smail Max) posted a screen cap of the GTAM database on his facebook page, obviously the e-mail addresses of all the members were easy to harvest:

 

[fastar1]

I didn't get that phishing email. Even spammers don't wanna be my friends

 

[wheeliemachine]

I didn't get that phishing email. Even spammers don't wanna be my friends

If you have good junkmail protection (gmail, etc.) you probably wouldn't have even seen it. The link in the e-mail is a hotlink to a completely different address, which means it'll always get flagged as spam.

The link in the e-mail: https://www.amazon.com/gp/css/homepage.html

Actually points to: <-- DO NOT CLICK.

 

[carboncat]

God Jamie how many usernames do you have lol

 

[wheeliemachine]

God Jamie how many usernames do you have lol

They even spammed banned accounts...

Only ever one at a time