MicrostockGroup
Agency Based Discussion => iStockPhoto.com => Topic started by: CvanDijk on March 03, 2009, 21:20
-
I read on Nicolesy's facebook that Istockphoto is down:
RT @kkthompson: There is a phishing attack happening against iStockphoto. We've taken down the site as a precaution.
I hope it's not taking too long
-
Well it has been down for at least an hour and a half at this point from when I first noticed it >:(
My sales were not that great today... but now they are toast!
It of course really hurts people like Sean a lot more than little guys like me.
Still not fun though.
-
Boy, if I were exclusive, I'd be seriously pissed right about now...
-
Boy, if I were exclusive, I'd be seriously pissed right about now...
Word...
-
I feel for the IT guys there, probably a long night ahead of them.
-
Boy, if I were exclusive, I'd be seriously pissed right about now...
Why? That's simply the risk you take when you put all your eggs in one basket. It's hardly a surprise for IS to go down, it happens quite frequently, and it's something that any exclusive would obviously have factored into their calculation.
-
Dam*n hackers. Shoot them all those miserable f*cks! >:(
-
They're back up.
Sounds like passwords may have been compromised. Might be a good time to change to a new one...
-
Very strange.
1. For a _real_ phishing attack IS seems to be too small of a target. Big bad guys do not waste their time on something like this.
2. For _any_ type of phishing attack - how can taking site down help?
And to helix7 - phishing attacks compromise passwords only for those who got phished :)
-
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.
-
Boy, if I were exclusive, I'd be seriously pissed right about now...
Why? That's simply the risk you take when you put all your eggs in one basket. It's hardly a surprise for IS to go down, it happens quite frequently, and it's something that any exclusive would obviously have factored into their calculation.
I wouldn't call that obvious at all. Moreover, I bet there are a lot of exclusives who hadn't given it much thought before an incident like this. Just because something can be predicted doesn't mean it will be, at least not by everybody.
-
here is a link to the istock thread
http://www.istockphoto.com/forum_messages.php?threadid=85143
-
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.
I'd guess it helps prevent hackers from using the stolen credentials and taking the money.
-
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.
I'd guess it helps prevent hackers from using the stolen credentials and taking the money.
Also apparently the phishing attack was somehow distributed through Forum posts and/or Sitemail, I have no details yet. So closing the site prevented further distribution of the problem.
Anyway, recommendation is to a) change your password on iStockphoto if you have doubts and b) check if you are using the same username/password combination of other sites. You might be vulnerable there as well.
-
Boy, if I were exclusive, I'd be seriously pissed right about now...
Why? S**t happens and the attack could have happened anywhere, I'm just thankful and impressed istock dealt with it so quickly and efficiently.
Yes it might dent yesterday's sales but closing the site isolated the problem and stopped it becoming a major issue!
-
Boy, if I were exclusive, I'd be seriously pissed right about now...
Yeah, I don't understand this either. It wasn't their fault and it was dealt with. A small downtime is just a part of business.
-
OMG I was constantly logged out of Istock yesterday, like someone was logging in from another computer. ???
-
Very strange.
1. For a _real_ phishing attack IS seems to be too small of a target. Big bad guys do not waste their time on something like this.
2. For _any_ type of phishing attack - how can taking site down help?
And to helix7 - phishing attacks compromise passwords only for those who got phished :)
Correction. As they say it was from forums and sitemail, they did not have a phishing attack. It was an XSS exploit, and yes, everybody should change passwords (though who knows how many XSS holes they still have)
-
Correction. It was links sent to members in sitemail and forums, so it was just phishing, and not whatever xss stuff you're talking about.
-
If our passwords are really out there...why doesn't Istock inform us about this. There are so many contributors who never read the forums!
-
I got a warning notice from Lookstat to change my passwords last night, but nothing from IS now that you mention it. :-\
and what is XSS anyway?
-
Correction. It was links sent to members in sitemail and forums, so it was just phishing, and not whatever xss stuff you're talking about.
Are you absolutely sure? The difference is simple: if it was phishing, only ones who used these links are in a bad shape; in case of xss - anybody who visited the site.
-
I got a warning notice from Lookstat to change my passwords last night, but nothing from IS now that you mention it. :-\
and what is XSS anyway?
In simple words:
Phishing - you are tricked to go to different site
XSS - somebody puts the code on IS that (may) share all your data
You can defend yourself from (1) by never using insecure login on IS (do not use one on top of the page, go to a separate login page, and always check "secure" icon in your browser), but the only defense from (2) is to disable javascript - and this in turn will make IS unusable.
-
This attack created a fake istockphoto.com login screen, prompted the user for a username & password, saved them to a malicious server, then redirected the user back to the iStockphoto main page.
http://www.istockphoto.com/forum_messages.php?threadid=85143 From leaf post earlier
Does this help?
-
This attack created a fake istockphoto.com login screen, prompted the user for a username & password, saved them to a malicious server, then redirected the user back to the iStockphoto main page.
http://www.istockphoto.com/forum_messages.php?threadid=85143 From leaf post earlier
Does this help?
Yes, because in simple terms, only people who logged in to the fake site are at risk, no one else!
This afternoon a phishing attack was conducted in the forums and through sitemail. This attack created a fake istockphoto.com login screen, prompted the user for a username & password, saved them to a malicious server, then redirected the user back to the iStockphoto main page.
Unless you logged in to forums or sitemail, during the afternoon, there's nothing to panic about.
I have a different password for each agency, which is a good idea if you want to make yourself feel better, should someone actually break into a database. I have a notebook with my passwords, so I don't forget them. ;D Could just be a sign of old age?
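The two cases the thread distinguishes (a link in a forum post or sitemail that leads to a fake login page, versus script injected into the site itself) call for different defences on the site side. This is an added example, not iStockphoto's code: a small triage routine over constructed sample posts that flags links whose hostname imitates the site's own domain, and escapes post bodies so injected script is rendered as inert text. The sample post texts and the `secure-login.example` hostname are constructed for the example.

```python
import html
import re
from urllib.parse import urlparse

SITE_DOMAIN = "istockphoto.com"  # the domain the forum and sitemail belong to
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed sample posts: one genuine link, one lookalike phishing link,
# one ordinary external link, and one stored-XSS style payload (inert demo).
SAMPLE_POSTS = [
    "Nice set! See http://www.istockphoto.com/forum_messages.php?threadid=85143",
    "Your account needs verifying: http://istockphoto.com.secure-login.example/index.php",
    "My portfolio is at http://example.org/gallery",
    "<script>alert('xss')</script>",
]


def classify_link(url, site_domain=SITE_DOMAIN):
    """Return 'internal', 'lookalike' or 'external' for a link found in user content."""
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    if host == site_domain or host.endswith("." + site_domain):
        return "internal"
    # The brand name embedded in a foreign hostname (istockphoto.com.<other>.example)
    # is the pattern behind a fake login page that looks like the real site.
    brand = site_domain.split(".")[0]
    if brand in host:
        return "lookalike"
    return "external"


def scan_post(text, site_domain=SITE_DOMAIN):
    """List every non-internal link in a post or sitemail body with its classification."""
    findings = []
    for url in URL_RE.findall(text):
        kind = classify_link(url, site_domain)
        if kind != "internal":
            findings.append((url, kind))
    return findings


def render_post(text):
    """Escape a body before it is placed in a page: injected <script> becomes
    harmless text, which is the defence against the stored-XSS case."""
    return html.escape(text, quote=True)


def triage(posts, site_domain=SITE_DOMAIN):
    """Map each post index to its suspicious links; empty list means nothing to flag."""
    return {i: scan_post(p, site_domain) for i, p in enumerate(posts)}
```

Lookalike hits are the ones worth pulling from the forum and sitemail while the site is down; external links are only informational.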
-
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.
Disconnecting, finding the breach, restoring files from backups?
Regards,
Adelaide
-
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.
Disconnecting, finding the breach, restoring files from backups?
Regards,
Adelaide
Taking down the site can provide time to clean out the forum and sitemail for posts from the bad guys, keeping other contributors safe from clicking.
-
Taking down the site can provide time to clean out the forum and sitemail for posts from the bad guys, keeping other contributors safe from clicking.
A very wise move of IS, IT-wise speaking.
-
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.
Disconnecting, finding the breach, restoring files from backups?
Agree. At the time I posted my #2 I had not yet seen the part about forums. It makes perfect sense to take down an offending site - even if in this case it is your own one.
I just hope that this incident will work as a wake-up call for IS and others.
Almost a year ago on this and other forums I pointed to insecure logins on all but one microstock site. The reaction was anything from absent to "who the heck will go for your couple bucks". Apparently there is somebody out looking for spare change :)
BTW, #1 was also not exactly right, caused by a slight difference in terminology. I just used to call "phishing attack" something much more serious. For this level of phishing IS is a perfect target - with a good effort/profit ratio.