Receiving spam from anandtech smtp server?

[Double Trouble]

I received an email just now supposedly from forumadmin@anandtech.com, sent to my email addy that I use specifically for AT. It's spam promoting some garbage site "draglift".

Unless I'm reading the headers wrong, it looks like the mail is actually coming from mail.anandtech.com, sent using a php vbulletin mailer.

I'm assuming I'm not the only one who got it.....

 

[Praetor]

I received an email just now supposedly from forumadmin@anandtech.com, sent to my email addy that I use specifically for AT. It's spam promoting some garbage site "draglift".

Unless I'm reading the headers wrong, it looks like the mail is actually coming from mail.anandtech.com, sent using a php vbulletin mailer.

I'm assuming I'm not the only one who got it.....

I wish you were. This coincides with the "down for scheduled maintenance" message I recieved on the forum at the same time.

 

[Newbian]

Sadly it's a new forum:

http://forums.anandtech.com/forumdisplay.php?f=59

 

[FoBoT]

i think we been hacked
gotta love the big target vBulletin puts on us :/

 

[DarkWarrior2]

Good thing I checked here, I was one click away from reporting the spam at spamcop.

I thought it was a forged header or something...

 

[Ken g6]

If it's any help, I notice that at least viewing single posts (showpost.php) is returning status code 500 (Internal Server Error), though the HTML is as normal. I wouldn't have noticed except that I'm working on a Greasemonkey script with AJAX.

 

[sandorski]

Draglift.com

Is a site that lets you Watch Movies and TV Shows online for Free.

No clutterness, no lag,

Watch over 27 movies,

and lots of TV Shows.
===================
e-mail I received from forumadmin@anandtech.com

 

[Dean]

I got one also. I thought is was spam and I was right. Spam from here it seems.

 

[Damn Dirty Ape]

yup. nice ain't it?

 

[ViRGE]

Something is very wrong here guys. I'm trying to get to the bottom of it ASAP.

 

[bamacre]

Email sent to the guys behind the curtain.

I also posted in your other thread, Virge.

 

[dennilfloss]

Found the same email in my junk folder. Have our passwords and other stuff been compromised?

 

[dmcowen674]

i think we been hacked
gotta love the big target vBulletin puts on us :/

Someone got in and made a Global Announcement on this Draglift thing at the top on you guys?

It's above the Derek Wilson announcement.

 

[Dualist]

Luckly I didn't get the email, but if the affiliate site wasn't posted by the web team, or any of the admins, this matter is worth investigating. Someone could've injected malicious code to get the "affiliate link" in, just a guess.

 

[hclarkjr]

i recieved it too, it was sent to me at Tue 12/1/2009 9:51 PM if that helps.

 

[Blazer]

same here, whats up with draglift, why is it at the top of the forum ?

 

[Perknose]

I wish you were. This coincides with the "down for scheduled maintenance" message I recieved on the forum at the same time.

That was my announcement. Can't you recognize the writing style? Anyway, and sadly, that announcement is true.

I'm wading into this crapola now. Damn, you do something frivolous like going to sleep at night and look what happens! 😱

 

[MotF Bane]

That was my announcement. Can't you recognize the writing style? Anyway, and sadly, that announcement is true.

I'm wading into this crapola now. Damn, you do something frivolous like going to sleep at night and look what happens! 😱

How dare you sleep? DragLift demands answers!

 

[Dualist]

That was my announcement. Can't you recognize the writing style? Anyway, and sadly, that announcement is true.

I'm wading into this crapola now. Damn, you do something frivolous like going to sleep at night and look what happens! 😱

So it was you who made the Maintenance notice, I should've known 🙂

Your creative writing does ring a bell to me, sounds as if you're speaking from your soul. 😀

 

[SunnyD]

Found the same email in my junk folder. Have our passwords and other stuff been compromised?

Disclaimer: IANAA(dmin)

Hate to say it, but consider this a FUCK YES. I'm not intentionally trying to set off a panic here, but if the admin accounts were hacked, and they were, you may as well consider all of your data here compromised, even if superficially it wasn't.

 

[cmf21]

Got this draglift message too in my inbox.

 

[dfuze]

If passwords are compromised, at which point is it "secure" enough to change them.

 

[Gillbot]

If passwords are compromised, at which point is it "secure" enough to change them.

now, to something generic and unrelated to anything else

then wait for the all clear i'd guess.

 

[SunnyD]

If passwords are compromised, at which point is it "secure" enough to change them.

|
|
V

now, to something generic and unrelated to anything else

then wait for the all clear i'd guess.

This.

 

[Perknose]

I have nuked the Affiliate sub forum and removed all permissions from the account they were using.