
Istock down

Started by CvanDijk, March 04, 2009, 02:20

CvanDijk

I read on Nicolesy's Facebook that iStockphoto is down:

RT @kkthompson: There is a phishing attack happening against iStockphoto. We've taken down the site as a precaution.

I hope it's not taking too long.

Graffoto

Well it has been down for at least an hour and a half at this point from when I first noticed it  >:(

My sales were not that great today... but now they are toast!
It of course really hurts people like Sean a lot more than little guys like me.

Still not fun though.
"you can't wait for inspiration, you have to go after it with a club" ___ Jack London

disorderly

Boy, if I were exclusive, I'd be seriously pissed right about now...

helix7

Quote from: disorderly on March 04, 2009, 02:36
Boy, if I were exclusive, I'd be seriously pissed right about now...

Word...



KarenH

I feel for the IT guys there, probably a long night ahead of them. 

gostwyck

Quote from: disorderly on March 04, 2009, 02:36
Boy, if I were exclusive, I'd be seriously pissed right about now...

Why? That's simply the risk you take when you put all your eggs in one basket. It's hardly a surprise for IS to go down, it happens quite frequently, and it's something that any exclusive would obviously have factored into their calculation.

Gregor909

Dam*n hackers. Shoot them all those miserable f*cks!  >:(

helix7


They're back up.

Sounds like passwords may have been compromised. Might be a good time to change to a new one...



UncleGene

Very strange.
1. For a _real_ phishing attack IS seems to be too small of a target. Big bad guys do not waste their time on something like this.
2. For _any_ type of phishing attack - how can taking site down help?

And to helix7 - phishing attacks compromise passwords only for those who got phished :)


yingyang0

Quote from: UncleGene on March 04, 2009, 03:37
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.

disorderly

Quote from: gostwyck on March 04, 2009, 02:45
Quote from: disorderly on March 04, 2009, 02:36
Boy, if I were exclusive, I'd be seriously pissed right about now...

Why? That's simply the risk you take when you put all your eggs in one basket. It's hardly a surprise for IS to go down, it happens quite frequently, and it's something that any exclusive would obviously have factored into their calculation.

I wouldn't call that obvious at all.  Moreover, I bet there are a lot of exclusives who hadn't given it much thought before an incident like this.  Just because something can be predicted doesn't mean it will be, at least not by everybody.

leaf


araminta

Quote from: yingyang0 on March 04, 2009, 04:33
Quote from: UncleGene on March 04, 2009, 03:37
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.

I'd guess it helps prevent hackers from using the stolen credentials and taking the money.

MichaelJay

Quote from: araminta on March 04, 2009, 07:43
Quote from: yingyang0 on March 04, 2009, 04:33
Quote from: UncleGene on March 04, 2009, 03:37
2. For _any_ type of phishing attack - how can taking site down help?
That's what I was thinking too.
I'd guess it helps prevent hackers from using the stolen credentials and taking the money.

Also apparently the phishing attack was somehow distributed through Forum posts and/or Sitemail, I have no details yet. So closing the site prevented further distribution of the problem.

Anyway, the recommendation is to a) change your password on iStockphoto if you have doubts and b) check if you are using the same username/password combination on other sites. You might be vulnerable there as well.
Yes, I am biased. But so are you! :-)

CraigSwatton

Quote from: disorderly on March 04, 2009, 02:36
Boy, if I were exclusive, I'd be seriously pissed right about now...

Why? S**t happens and the attack could have happened anywhere, I'm just thankful and impressed istock dealt with it so quickly and efficiently.

Yes it might dent yesterday's sales but closing the site isolated the problem and stopped it becoming a major issue!

Sean Locke Photography

Quote from: disorderly on March 04, 2009, 02:36
Boy, if I were exclusive, I'd be seriously pissed right about now...

Yeah, I don't understand this either.  It wasn't their fault and it was dealt with.  A small downtime is just a part of business.

vonkara

OMG I was constantly logged out of Istock yesterday, like someone was logging in from another computer.  ???

UncleGene

Quote from: UncleGene on March 04, 2009, 03:37
Very strange.
1. For a _real_ phishing attack IS seems to be too small of a target. Big bad guys do not waste their time on something like this.
2. For _any_ type of phishing attack - how can taking site down help?

And to helix7 - phishing attacks compromise passwords only for those who got phished :)



Correction. As they say it was from forums and sitemail, they did not have a phishing attack. It was an XSS exploit, and yes, everybody should change passwords (though who knows how many XSS holes they still have)

Sean Locke Photography

Correction.  It was links sent to members in sitemail and forums, so it was just phishing, and not whatever xss stuff you're talking about.

Gregor909

If our passwords are really out there...why doesn't Istock inform us about this. There are so many contributors who never read the forums!

digiology

I got a warning notice from Lookstat to change my passwords last night, but nothing from IS now that you mention it.  :-\

and what is XSS anyway?

UncleGene

Quote from: sjlocke on March 04, 2009, 17:10
Correction.  It was links sent to members in sitemail and forums, so it was just phishing, and not whatever xss stuff you're talking about.

Are you absolutely sure? The difference is simple: if it was phishing, only the ones who used these links are in bad shape; in case of xss - anybody who visited the site.

UncleGene

Quote from: lclark on March 04, 2009, 17:39
I got a warning notice from Lookstat to change my passwords last night, but nothing from IS now that you mention it.  :-\

and what is XSS anyway?

In simple words:
Phishing - you are tricked into going to a different site
XSS - somebody puts the code on IS that (may) share all your data

You can defend yourself from (1) by never using the insecure login on IS (do not use the one on top of the page, go to a separate login page, and always check the "secure" icon in your browser), but the only defense from (2) is to disable javascript - and this in turn will make IS unusable.

vonkara

This attack created a fake istockphoto.com login screen, prompted the user for a username & password, saved them to a malicious server, then redirected the user back to the iStockphoto main page.
   

http://www.istockphoto.com/forum_messages.php?threadid=85143    From leaf's post earlier

Does this help?

RacePhoto

Quote from: Vonkara on March 04, 2009, 17:57
This attack created a fake istockphoto.com login screen, prompted the user for a username & password, saved them to a malicious server, then redirected the user back to the iStockphoto main page.
   

http://www.istockphoto.com/forum_messages.php?threadid=85143    From leaf's post earlier

Does this help?

Yes, because in simple terms, only people who logged in to the fake site are at risk, no one else!

This afternoon a phishing attack was conducted in the forums and through sitemail. This attack created a fake istockphoto.com login screen, prompted the user for a username & password, saved them to a malicious server, then redirected the user back to the iStockphoto main page.

Unless you logged in to forums or sitemail, during the afternoon, there's nothing to panic about.

I have a different password for each agency, which is a good idea if you want to make yourself feel better, should someone actually break into a database. I have a notebook with my passwords, so I don't forget them.  ;D Could just be a sign of old age?