Post Over At Watch Trader

[dadog13]

hi guys....saw this post this morning and didn't belive it...this post wasn't put neither on RWG & TRC...i've Pm-ed and e-maile-ed Trusty asking him if this was true....but still no answer....

seems that someone hijacked his username at WT...and posted the thread...maybe his PP account is hijacked too...who knows...WAITING TO HEAR FROM TRUSTY SO WE COULD KNOW WHAT IS HAPPENING REALLY!....

what do you guys think....

if you are too lazy to follow the link : suspicios post at WT

follow the link and you'll see all the replies to the post...

here is the copy paste of it :

To show my appreciation for all the support that I have received, all my items are going at 50% off with no delivery charge. The offer is valid till end of May, so dont hesitant anymore. Like I said, there's always a replica for you. smile.gif

THANK YOU!

ANDREW

Your trusty watchguy,

Andrew

WEBSITE: TRUSTYTIME

View my Online Album --->:: THE REPLICA WATCH ::

Password: trw

EMAIL me the Model Reference Code and I will advise Price and Availability

email: trustywatchguy@gmail.com

:: there's always a replica for you ::

A pp Premier Verified Account which accepts credit and debit cards - Your convenient payment mode

pp to : trustywatchguy@gmail.com

user posted image

[tutima]

Hope this is not another one of those hijack user name case.

[cwai02]

I hope this is not an hijack...

[CharlesDickens]

Damn. That's a load of crap right there!

[jraines87]

I hope this is not an hijack...

Well Rongoms did say

In fact....there is a full backup of the RWG database in the hands of a "member". so....interpert as you will.

in the "Message From Blade" thread....

Wonder who this member is who has a fullbackup of the RWG database

[cwai02]

50% is unreal. Why would Andrew be so stupid to tell us that he is making more than 50% profit margin?

[TimeBandit]

50% is unreal. Why would Andrew be so stupid to tell us that he is making more than 50% profit margin?

That is a pretty big assumption. Although its probably right.

However, certain business do liquidate STALE inventory at a high discount just to break even or take a small loss instead of having their cash tied up in inventory that isnt moving.

Will be interesting to follow up on this.

[Admin]

Looks like WT is having some database issues. I'll try back later.

T

[slay]

passwords are NOT stored as plain text in the database. they are crypted. and its way too hard to decrypt them as you might think!

i think its more likely that a login sniffer was placed on the site

[dadog13]

whatever it is...it is very suspicios...but let's wait for trusty...and hope it is true...

[trustywatchguy]

Dear friends from RWG, TRC, WT and RWI,

I will like to inform you all that the POST over at WatchTrader was never posted by me. Someone hijacked the account and posted all those things without me knowing it. I am very very angry with this as there is really somebody going around to sabotage people. As you can see, first was on Jos then now on me.

I was very sick over the past few days. Saw doc 2nd time and diagnosed with bronchitis. Doc asked me to rest more and thus I was off the computer almost the whole day. Some kind members emailed me to ask me if it's true. As you guys know, I have always kept to a very good pricing on my watches, even on Trusty Time.

I sincerely urged everyone to be extra careful with your password and make sure they arent the same with the other important things like PAYPAL or money related accounts.

Thank you!

ANDREW

[rek001]

Andrew, sorry to hear you are not feeling well. On top of that, this happening to you.

I hope you get better soon.

[premiumdesigners]

man, this sounds like an inside job

[jraines87]

man, this sounds like an inside job

Yea no kidding.... Wonder if Ron will tell who this member is that has a full backup of the old RWG database

[gran]

Well Rongoms did say

in the "Message From Blade" thread....

Wonder who this member is who has a fullbackup of the RWG database

Is it someone who is no longer here or is here under a new name?

I guess the question is if Ron have his/her IP adress or not

[spock]

Maybe a hysterical reaction but for me NO MORE reps from our dealers till this is solved.

They can steal all yr money from yr paypal account and creditcard.

[KB]

Has anyone noticed just how much has been going on at the moment and its spread out over all the boards, I do believe we are coming under an organised attack, best bet don't buy anything until you are 100% sure you are dealing with the owner of the username.

Ken

[Pugwash]

I sincerely urged everyone to be extra careful with your password and make sure they arent the same with the other important things like PAYPAL or money related accounts.

Andrew, can you confirm that you did in fact login to RWG1 after it was compromised? If this is the case, we can be one step closer to knowing that it was in fact a password sniffer installed on the site. If this is the case, anyone that didn't type their name/password into the old RWG can worry about other stuff instead.

[trustywatchguy]

Yes. Indeed I did log in RWG 1 to check on some PMs some members left.

I think this is really some kind of organised attack. First Jos, then me... I wonder who else next. =P

Andrew

[Pugwash]

Has anyone noticed just how much has been going on at the moment and its spread out over all the boards, I do believe we are coming under an organised attack, best bet don't buy anything until you are 100% sure you are dealing with the owner of the username.

We're just victims of opportunistic skr1pt k1dd13s: It doesn't look particularly organised to me. However, that advice is good advice, regardless of RWG1's fall.

You need to start implementing a few best practices, like encouraging people to post the board name on their for-sale pics, like RWI does.

We can, however, just hope that these rat-farts just decide to cut their losses and give up now before they're caught.

[Pugwash]

Yes. Indeed I did log in RWG 1 to check on some PMs some members left.

I think this is really some kind of organised attack. First Jos, then me... I wonder who else next. =P

You were just a victim of opportunistic proto-hackers that got lucky on a board-sploit. I don't think we're honestly under some sort of concerted attack.

In other words, the blame for this can be firmly put at anyone responsible for administering RWG1. Anyone not patching their codebase on something they made money off is a fecktard of the highest order. It's blatantly irresponsible to let something like that get to the point where a couple of eastern-european kids with a set of cheap-ass sploit scripts can get into people's paypal accounts and trade off reputations of valued members without any real effort.

The lesson to be learned is when the board Admin sets sail with a suitcase of everyone else's money, get the [censored] out.

[spock]

I'm a total idiot with internet but latetley i could not log in automaticly.

I had to login with my username and password.

It happend on WATCHTRADER and RWG

Is this coincidence or the most stupid post i've made?

I just want to help to elliminate this issue that's all.

Also we need an extra security for sending money.

I don't know how or what but it's easy to see what is happening but there are no explanations.

It can happen again and again.

Also i think there are too much new dealers.

Why?

We have great dealers (well most. LOL) and let's be honest all watches/reps are the same.

Ok maybe a better versions but we can buy all pams/rollies etc from every dealer.

maybe a better price but so what.

Keep it small please.

[Pugwash]

I'm a total idiot with internet but latetley i could not log in automaticly.

I had to login with my username and password.

It happend on WATCHTRADER and RWG

Is this coincidence or the most stupid post i've made?

If it was at the old RWG, it's bad. Elsewhere, it's fine.

(edit to add ... just change your passwords anyway. What harm can it do?)

Edited May 24, 2006 by Pugwash

[Admin]

@pugwash

I have to say that I seriously doubt your theory about a password sniffer on the old RWG. and I think we have to look elsewhere. The reason I am saying this is there are no known working hacks for the 2.1.3 version of Invisionboard that would give you access to the administrators area. To be able to install a password sniffer you would need access to the forums files and this can only be gained by

a)access to the admin section of the forums software or

b)ftp-access/shell-access to the server.

The first time RWG went down a couple of weeks ago it came back online with clear signs that somebody had been abusing a well known sql injection bug in the software. I believe I posted about this back then. This does NOT give you access to the admin section or ftp-access.

Having said all that, there is always the possibility there is a new and totally unknown hack out there, wich makes these things possible, but I do not believe your passwords was caught by a password sniffer at RWG1

my 2 cts

[slay]

bufferoverflow -> root axx on box -> full axx to everything. not that hard.

i bet most unix/linux systems have at least one hole!

if it was not a pw sniffer, how else could they have gotten the passwords of edge AND trusty??!