Forum hack - what happened?

Well done for fixing it quickly. Do you know if they were able to get hold of any of our user account details? Names, emails, etc.?
I am now receiving spam on the unique address I used to register for the bugzilla, so either the hack has been used to gain access to the bugzilla or that has now also been hacked. Attempting to log in to the bugzilla now fails with a 503 error.
 
I dunno if it's just me, but there seems to have been an increase in websites/accounts being hacked ever since all that AI stuff started getting so much hype. This makes me wonder if hackers are using LLMs to improve their techniques, or even to assist them with hacking by running some local model.

I would be very surprised if bad actors are _not_ making use of every available tool.

Making use of automation to find and lock down every available exploit vector then becomes an obligatory defence strategy.

The self-fulfilling prophecy of 'AI'.
 
> I am now receiving spam on the unique address I used to register for the bugzilla, so either the hack has been used to gain access to the bugzilla or that has now also been hacked. Attempting to log in to the bugzilla now fails with a 503 error.

All email addresses used on Bugzilla are public; they're visible as mailto: links in every bug you open and every comment you leave. Anyone can scrape Bugzilla for email addresses to send spam. There is absolutely no reason to conclude that someone hacked Bugzilla just because you receive spam.

The reason Bugzilla has been occasionally unavailable recently is due, as usual, to a large number of crawlers effecting a DDoS attack. clusteradm is adding workarounds as necessary to keep it working.
 