A few days ago I warned our mods about going to another rival forum site because I got a virus warning when going to their homepage.
And yesterday another big mj forum got hacked and lost nearly a month of posts.
Now I'm sorry I didn't issue a general warning to everyone.
So now you are warned.
If you visit other mj websites you may be exposed to viruses/trojans. And these seem especially bad, as they are being used by hackers to capture passwords so they can take over accounts and possibly your computer.
Fortunately, I upgraded the security on icmag last month, but nothing is 100% secure.
If you use the same nic and/or password here as you do on other sites I suggest you change your password immediately..
UPDATE 3/18: After reading the reactions and admin responses on these other websites to what happened, I feel compelled to provide even more info on the risks involved, because these admins are shirking their responsibilities and possibly putting people at risk.
Here are some facts for everyone to think about:
1. Many websites were hacked using the SQL database injection method over the past week. When successful, hackers can do most anything to the database, including copying or deleting data. In fact, one of the things they did was insert new text into thousands of recent postings on some of those sites (only a few sites were mj related).
2. Most people are assuming that Anonymous was behind the hack, some people are even sympathetic with their goals. Admins are saying NOT TO WORRY because Anonymous is cool and they didn't copy any data, all they did was redirect people to view a political video. However, that was not the same experience I had. On one site I got directed to a page that popped up my anti-virus warning me about the page. It wasn't the same page that other people got redirected to on other sites apparently. And to make the assumption that Anonymous wouldn't release personal info into the public domain, is kinda strange, as that has been their M.O. for awhile now (esp. the splinter group, Lulzsec). I didn't watch the political video so I can't guess whether it was really anonymous or not behind the video and attacks.
What has happened with Anonymous/Lulzsec/Anti-Sec is these groups seek to acquire enough personal info to hack into personal accounts so they can release info on groups of people they target. I do agree that marijuana users in general would not be a logical target for them. Anonymous has always championed Free Speech, and attacked those who try to limit it. So I really don't think anyone need fear anonymous. But is that who is behind these attacks? I haven't seen any group take credit for it yet.
3. Other possibilities are that ppl were infected with a virus when they were taken to the redirected site (the reason why I've warned ppl to run a RootKit scan). That is the warning I got from my anti-virus which caught it. This would enable the hackers to take remote control of a victim's computer or read keystrokes to obtain passwords to accounts, esp. bank accounts and credit cards. If this were an Anonymous type of action, then they would just use your computer to attack other computers unless you are someone they've targeted.
4. I think the other admins should at least suggest their members change their passwords and do a full anti-virus scan.
No, imo, this was not about Anonymous. Perhaps that was just a cover. I'm leaning towards it being grey or black hats, looking to make some money, either thru extortion or theft of personal info. At this point the evidence I see points to that. But I have less info avail than the webmasters of these other hacked sites do, so keep that in mind.
And yesterday another big mj forum got hacked and lost nearly a month of posts.
Now I'm sorry I didn't issue a general warning to everyone.
So now you are warned.
If you visit other mj websites you may be exposed to viruses/trojans. And these seem especially bad, as they are being used by hackers to capture passwords so they can take over accounts and possibly your computer.
Fortunately, I upgraded the security on icmag last month, but nothing is 100% secure.
If you use the same nic and/or password here as you do on other sites I suggest you change your password immediately..
UPDATE 3/18: After reading the reactions and admin responses on these other websites to what happened, I feel compelled to provide even more info on the risks involved, because these admins are shirking their responsibilities and possibly putting people at risk.
Here are some facts for everyone to think about:
1. Many websites were hacked using the SQL database injection method over the past week. When successful, hackers can do most anything to the database, including copying or deleting data. In fact, one of the things they did was insert new text into thousands of recent postings on some of those sites (only a few sites were mj related).
2. Most people are assuming that Anonymous was behind the hack, some people are even sympathetic with their goals. Admins are saying NOT TO WORRY because Anonymous is cool and they didn't copy any data, all they did was redirect people to view a political video. However, that was not the same experience I had. On one site I got directed to a page that popped up my anti-virus warning me about the page. It wasn't the same page that other people got redirected to on other sites apparently. And to make the assumption that Anonymous wouldn't release personal info into the public domain, is kinda strange, as that has been their M.O. for awhile now (esp. the splinter group, Lulzsec). I didn't watch the political video so I can't guess whether it was really anonymous or not behind the video and attacks.
What has happened with Anonymous/Lulzsec/Anti-Sec is these groups seek to acquire enough personal info to hack into personal accounts so they can release info on groups of people they target. I do agree that marijuana users in general would not be a logical target for them. Anonymous has always championed Free Speech, and attacked those who try to limit it. So I really don't think anyone need fear anonymous. But is that who is behind these attacks? I haven't seen any group take credit for it yet.
3. Other possibilities are that ppl were infected with a virus when they were taken to the redirected site (the reason why I've warned ppl to run a RootKit scan). That is the warning I got from my anti-virus which caught it. This would enable the hackers to take remote control of a victim's computer or read keystrokes to obtain passwords to accounts, esp. bank accounts and credit cards. If this were an Anonymous type of action, then they would just use your computer to attack other computers unless you are someone they've targeted.
4. I think the other admins should at least suggest their members change their passwords and do a full anti-virus scan.
No, imo, this was not about Anonymous. Perhaps that was just a cover. I'm leaning towards it being grey or black hats, looking to make some money, either thru extortion or theft of personal info. At this point the evidence I see points to that. But I have less info avail than the webmasters of these other hacked sites do, so keep that in mind.
Last edited:
Skip!!!
