Bot attempts to access forum account

Denny · July 5, 2015, 6:45pm

I want to notice Epic and the community that there are bots trying to hack accounts on the forums. An hour ago I got a contact request on Skype that did not respond, so I blocked it. Short thereafter, someone is trying to log in to my account here on the forums with 5 failed attempts. Searching for the IP results in spam bot reports.

http://stopforumspam.com/ipcheck/50.7.143.60
http://botscout.com/ipcheck.htm?ip=50.7.143.60

So keep an eye out on your accounts and make sure to keep your passwords strong.

Jamendxman3 · July 5, 2015, 6:49pm

A few hours ago I had someone add me as a contact on Skype as well with no response, but I’m not aware of any attempts to hijack my account. My question is, how could the Skype request be related?

Denny · July 5, 2015, 6:56pm

It’s not uncommon to try to get access to additional information to try to guess passwords. A lot of people use stupid passwords that are easy to find.

anonymous_user_0df12f74 · July 5, 2015, 7:01pm

Hey Denny,

Did you receive an email about the failed login attempts? If so please don’t delete it just yet in case we need to reference it later. Could you also please send me the IP in a PM? I will post it for Epic to look into tomorrow. Thanks! – EDIT: Nevermind the IP is right there, whoops. I’ll pass on the info!

If anyone else received an email please post here as well, we want to know if this is a one off attempt or something more.

anonymous_user_f70d3582 · July 5, 2015, 7:19pm

this is the second time I’ve heard this in the last week, check this thread for what to do:)

anonymous_user_0df12f74 · July 5, 2015, 7:23pm

Thanks , added that link to the report.

So Denny, be sure to email them with this info at accounts@unrealengine.com, and I have sent Epic a note on the matter. Thanks!

Denny · July 5, 2015, 9:40pm

I will send an email to Epic regarding this. Cheers.

AntiGravity · July 6, 2015, 2:59am

Possible Hijacked Links on Epic’s sister site (UDK forums)

Could be a co-incidence… In recent days there’s something fishy going on with the links on the UDK forums.

Go to the old forums here with Javascript enabled:

Disconnect from the internet:
cilck on the top menu links to go to the new forums i.e. Unreal Engine Forums
https://forums.unrealengine.com/

There’s an attempt to load a popup to here:
http://fw.ddosprotected.eu/?_src=_popwnd

The only reference I can find for this site is here and it isn’t good:

Notes:
I confirmed the using Chrome and Firefox and using a 2nd Dev box that’s normally offline & air-gapped.
The problem only occurs if you directly click on a link. (Right clicking open in new tab will not trigger it)
Can’t confirm if my router is complicit in any way as rather unhelpfully its locked down by the ISP (MITM attack).
Otherwise security looks normal at my end. No other issues with any other sites.
Flash / Java is not installed. No plug-ins are loaded. No javascript is permitted except on trusted sites.
This isn’t an account either as you don’t have to be logged in by the way.
Anyone else seeing this? What email address should I follow to run this past Epic, any suggestions?

qdelpeche · July 6, 2015, 4:05am

We are doing this and we are monitoring as closely as possible. The features you mentioned can only be enabled by Epic and the mods are currently discussing the matter with Epic.

Ivey · July 6, 2015, 1:16pm

Hey all,

Alexander has brought it up to the team and we’re investigating. Feel free to hit us up if this escalates!

anonymous_user_2abc4573 · July 6, 2015, 3:06pm

The forum has been acting slow lately… Could it be those little #^@^@ messing with it?