• Welcome, Guest! We hope you enjoy the excellent technical knowledge, event information and discussions that the BMW MOA forum provides. Some forum content will be hidden from you if you remain logged out. If you want to view all content, please click the 'Log in' button above and enter your BMW MOA username and password.

    If you are not an MOA member, why not take the time to join the club, so you can enjoy posting on the forum, the BMW Owners News magazine, and all of the discounts and benefits the BMW MOA offers?

  • Beginning April 1st, and running through April 30th, there is a new 2024 BMW MOA Election discussion area within The Club section of the forum. Within this forum area is also a sticky post that provides the ground rules for participating in the Election forum area. Also, the candidates statements are provided. Please read before joining the conversation, because the rules are very specific to maintain civility.

    The Election forum is here: Election Forum

MOA Forum Hacked?

Haven't heard of any issues. A few weeks back there was concern about some of the latest vBulletin sites having problems. We're not running the latest version, so we might be somewhat immune. But I'm sure, smarter people behind the scenes know more about what might have or have not been going on. Stay tune!
 
Might be a good time to change your password. I just did.
 
20774 said:
Haven't heard of any issues. A few weeks back there was concern about some of the latest vBulletin sites having problems. We're not running the latest version, so we might be somewhat immune. But I'm sure, smarter people behind the scenes know more about what might have or have not been going on. Stay tune!
Click to expand...

MOA's version of VB is older software, running a version with known security flaws. At the least they need to be up to 3.8.5, right now it's 3.8.2.

And we pay an IT guy full time to watch over this stuff.
 
So the e-mail I've received from BMWMOA is legit ?????? I'm assuming everyone else received the same e-mail....
 
I recieved a message last night from Brewmiester reporting the hack. I have changed my username and passorwd to what you now see. I am pleased to see that my avatar and other trite commentary has transferred.

Carry on.
 
James.A said:
I recieved a message last night from Brewmiester reporting the hack. I have changed my username and passorwd to what you now see. I am pleased to see that my avatar and other trite commentary has transferred.

Carry on.
Click to expand...

I think you should edit your post and not tell us (the world) what your before and after was... just sayin'
 
I wonder why not every member received an e-mail from BMWMOA:confused: Are some of us more important than others :heh
 
68159 said:
I wonder why not every member received an e-mail from BMWMOA:confused: Are some of us more important than others :heh
Click to expand...

I'm quite confident every member was sent an e-mail.

Some users are paranoid and put in bogus addresses.
Some users forgot to update an old address
Some users will have the message end up in their spam filter

If you want me to send you a copy directly send me a pm with your address.
 
68159 said:
I wonder why not every member received an e-mail from BMWMOA:confused: Are some of us more important than others :heh
Click to expand...

I got mine so maybe that means........ :brow Changed my password though but keeping same username. Maybe we get a bit cavalier regarding any public forum (just think of all the stuff thousands of folks put on Facebook). Anyway, hope this all amounts to nothing more than a wake-up call. - Bob
 
Hey man if they steal my identity will they incur my debts as well?
I can pile some up right quick.
Just askin. ;)
 
68159 said:
I wonder why not every member received an e-mail from BMWMOA:confused: Are some of us more important than others :heh
Click to expand...

Rob Nye said:
I'm quite confident every member was sent an e-mail.

Some users are paranoid and put in bogus addresses.
Some users forgot to update an old address
Some users will have the message end up in their spam filter

If you want me to send you a copy directly send me a pm with your address.
Click to expand...
And for more members than we want, we don't have an e-mail address on file. Of course, that is NOT true for forum users. To register for the forum, an e-mail address is required. Rob is right, thou, about the above. We hope all forum users find out about the hack and change their password.

tb
 
The example of listing the spam threads has been deleted at the request of the poster....The request from the MOD Team remains... Thanks.

The Mod team is on it and it isn't going to be fun PLEASE don't re-post threads and send members down the rabbit hole.
Attention if a member sees a suspicious site and it looks like the Moderators are not on it use the Report Post Button.
NEVER click on one of the links in one of these spam posts. They are most likely embedded re-directs.
 
Last edited:
Hats off to the mods for responding so quickly. I awoke to find the forum was virtually filled with spam, some rather innocuous in content and some inappropriate. Less than 2 hours later it's apparently all gone. I'm sure it took someone or some team of people a fair bit of time to clean this up.

Will this continue, due to the recent hacking?
 
dancogan said:
Hats off to the mods for responding so quickly. I awoke to find the forum was virtually filled with spam, some rather innocuous in content and some inappropriate. Less than 2 hours later it's apparently all gone. I'm sure it took someone or some team of people a fair bit of time to clean this up.

Will this continue, due to the recent hacking?
Click to expand...

It will be a tough slog for a bit, me thinks.

While all the issues would be resolved in hours with a forum upgrade there is a very good chance that the interface between the forum and back end of the member management / e-commerce system would break.

I'm willing to wager that someone is doing validation testing on the interface with the latest version of VB but that takes time and money as one needs to set up a test lab discover any issues and then fix them before upgrading the DB.

In the interim I think the fastest way to stop the spam is to turn off the self-registration feature, all new forum logins would have to be validated by a human.

There are people working on this in the last few days the forum has been updated to 3.8.6. I'm confident they'll get this sorted out as quickly as they can. In the mean time kudos to the mods for rapid clean up.
 
This morning I saw all the spam crap on the forum and logged out. When I went to log in a few hours later, I got an error message that would not allow me to log in.
Submitted the lost password form and tried the new one, same error massage.
Now an hour or so later I can log in with the new password, but am unable to update it.
Is this part of the repair?
 
You must log in or register to reply here.

Similar threads

mikegalbicka
PSA - USAA hack and security issues 2023/2024
Replies
0
Views
239
mikegalbicka
mikegalbicka
H
Hodakaguy's R51/3 & Steib LS200 Thread.
2
Replies
26
Views
3K
Drew
Drew
icing777
Anyone from the area to MOA Rally and GA Mountain rally?
Replies
3
Views
261
BrianAMcPhail
BrianAMcPhail
J
New Member from Maryland
Replies
10
Views
379
rockbottom
rockbottom
pglaves
Don Cameron Award Ceremony 10/28/2023
Replies
9
Views
1K
Voni
Voni
Back
Top