Bot attempts to access forum account

I want to notice Epic and the community that there are bots trying to hack accounts on the forums. An hour ago I got a contact request on Skype that did not respond, so I blocked it. Short thereafter, someone is trying to log in to my account here on the forums with 5 failed attempts. Searching for the IP results in spam bot reports.

http://stopforumspam.com/ipcheck/50.7.143.60
http://botscout.com/ipcheck.htm?ip=50.7.143.60

So keep an eye out on your accounts and make sure to keep your passwords strong.

A few hours ago I had someone add me as a contact on Skype as well with no response, but I’m not aware of any attempts to hijack my account. My question is, how could the Skype request be related?

It’s not uncommon to try to get access to additional information to try to guess passwords. A lot of people use stupid passwords that are easy to find.

Hey Denny,

Did you receive an email about the failed login attempts? If so please don’t delete it just yet in case we need to reference it later. Could you also please send me the IP in a PM? I will post it for Epic to look into tomorrow. Thanks! – EDIT: Nevermind the IP is right there, whoops. I’ll pass on the info! :slight_smile:

If anyone else received an email please post here as well, we want to know if this is a one off attempt or something more.

this is the second time I’ve heard this in the last week, check this thread for what to do:)

Thanks Smokey, added that link to the report.

So Denny, be sure to email them with this info at accounts@unrealengine.com, and I have sent Epic a note on the matter. Thanks!

I will send an email to Epic regarding this. Cheers. :slight_smile:

Possible Hijacked Links on Epic’s sister site (UDK forums)

Could be a co-incidence… In recent days there’s something fishy going on with the links on the UDK forums.

Go to the old forums here with Javascript enabled:

Disconnect from the internet:
Then cilck on the top menu links to go to the new forums i.e. Unreal Engine Forums
https://forums.unrealengine.com/

There’s an attempt to load a popup to here:
http://fw.ddosprotected.eu/?_src=_popwnd

The only reference I can find for this site is here and it isn’t good:

Notes:
I confirmed the issue using Chrome and Firefox and using a 2nd Dev box that’s normally offline & air-gapped.
The problem only occurs if you directly click on a link. (Right clicking open in new tab will not trigger it)
Can’t confirm if my router is complicit in any way as rather unhelpfully its locked down by the ISP (MITM attack).
Otherwise security looks normal at my end. No other issues with any other sites.
Flash / Java is not installed. No plug-ins are loaded. No javascript is permitted except on trusted sites.
This isn’t an account issue either as you don’t have to be logged in by the way.
Anyone else seeing this? What email address should I follow to run this past Epic, any suggestions?

All moderators and administrators should do a comprehensive scan and be wary of any weird links that might start floating around. Additionally, a number of my customer’s sites have been under a barrage of different attacks, including but not limited to, brute force. If I was someone trying very hard to get into an elevated account on a forum, I would try some sort of zero day browser attack, since moderators need to look at links and decide whether to remove them or not. In this case, I would examine any suspicious links through a sandbox, and perhaps activate a white-list for forum linking.

We are doing this and we are monitoring as closely as possible. The features you mentioned can only be enabled by Epic and the mods are currently discussing the matter with Epic.

Hey all,

Alexander has brought it up to the team and we’re investigating. :cool: Feel free to hit us up if this escalates!

The forum has been acting slow lately… Could it be those little #^@^@ messing with it?