Has PalmTalk been hacked??

85 posts in this topic

Sorry if it's in the wrong place, but I'm in a bit of a panic reading this. Has anyone else got one of these emails allegedly from Dean?

post-1155-1255433003_thumb.png

0

Share this post


Link to post
Share on other sites

Me too!

0

Share this post


Link to post
Share on other sites

Me too, thought it may be a Spammer???

Hacked_Palm_Talk_Doc1.doc

I daren't click on the link in case it unleashes all hell on my PC!!!

Rgds Andy.

0

Share this post


Link to post
Share on other sites

And me. :huh:

Probably everyone I guess.......

0

Share this post


Link to post
Share on other sites
Me too, thought it may be a Spammer???

I daren't click on the link in case it unleashes all hell on my PC!!!

Rgds Andy.

I did click on the link and got a pop up security message about the page lacking a "digital signature", so I didn't continue. The page was trying to load a Java applet which presumably was the game. I think it's spam more than a virus threat, but It's worrying that someone is sending these emails via PalmTalk. Here is some header information from the email:

Received: from [209.216.205.242] (port=42215 helo=admin.palmtalk.org) by serv01.siteground153.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <d.ouer@mac.com>) id 1MxfU0-0006lz-F4 for info@princeofpalms.com; Tue, 13 Oct 2009 06:24:04 -0500

Received: (qmail 32710 invoked by uid 48); 13 Oct 2009 01:14:18 -1000

Message-ID: <20091013111418.32706.qmail@admin.palmtalk.org>

0

Share this post


Link to post
Share on other sites

Saw and deleted it with all the other junk!

aztropic

Mesa,Arizona

0

Share this post


Link to post
Share on other sites

Got it in my spam folder .

0

Share this post


Link to post
Share on other sites

I just got one that looks like it came from France.

0

Share this post


Link to post
Share on other sites
Saw and deleted it with all the other junk!

aztropic

Mesa,Arizona

Me too! :angry:

0

Share this post


Link to post
Share on other sites

Got the same shit,deleted it

0

Share this post


Link to post
Share on other sites

Me too, and :drool: I was hoping it was true. My antivirus blocked it. Well, palms will always win, even hackers!!!!

Edited by rafael
0

Share this post


Link to post
Share on other sites

got it too. Did anyone win the palm yet? :D

0

Share this post


Link to post
Share on other sites

I did! I did!

0

Share this post


Link to post
Share on other sites

I received it, and e-mailed back profanity, only to realize it's going to Dean's e-mail address, sorry Dean, Ed

0

Share this post


Link to post
Share on other sites
I received it, and e-mailed back profanity, only to realize it's going to Dean's e-mail address, sorry Dean, Ed

:lol: :lol: :lol:

0

Share this post


Link to post
Share on other sites

The bigger issue (in my opinion) is that the email had my user id in it. Either the site or someone with access to everyone's email/userid has issues.

Later

Andy H.

Tampa, FL

Hoping for a 10b winter.....

0

Share this post


Link to post
Share on other sites

It got it too. I deleted it. Someone has got hold of Dean's address book I reckon.

Best regards

Tyrone

0

Share this post


Link to post
Share on other sites
It got it too. I deleted it. Someone has got hold of Dean's address book I reckon.

Best regards

Tyrone

The email I got came from the IP address: 209.216.205.242 which is PalmTalk - and to match up our user names and email addresses too, means that the database may well have been hacked - or at least someone's account. It's a little concerning that Dean hasn't confirmed any of this yet. I've never received any spam at my business email address until now. I never imagined that registering it with PalmTalk would be anything less than secure.

0

Share this post


Link to post
Share on other sites
It got it too. I deleted it. Someone has got hold of Dean's address book I reckon.

Best regards

Tyrone

The email I got came from the IP address: 209.216.205.242 which is PalmTalk - and to match up our user names and email addresses too, means that the database may well have been hacked - or at least someone's account. It's a little concerning that Dean hasn't confirmed any of this yet. I've never received any spam at my business email address until now. I never imagined that registering it with PalmTalk would be anything less than secure.

I have also recieved this I also opened it. Thankfully my Virus software shut it down. It is good to know our personal information is safe. Hopefully they did not get all of the members credit card numbers.

0

Share this post


Link to post
Share on other sites

Here is the owner of the domain that is in the link. Notice the last update was 10/7/2009, so this may be a hijacked domain which is common with these scumbags.

domain: neuf.fr

status: ACTIVE

hold: NO

holder-c: S12548-FRNIC

admin-c: FR2719-FRNIC

tech-c: NC2197-FRNIC

zone-c: NFC1-FRNIC

nsl-id: NSL6239-FRNIC

registrar: NEUF CEGETEL

anniversary: 10/07

created: 24/10/2003

last-update: 10/07/2009

source: FRNIC

ns-list: NSL6239-FRNIC

nserver: nanni.hittite.isp.9tel.net

nserver: hazzi.hittite.isp.9tel.net

nserver: dns2.gaoland.net

nserver: ns01.sitadelle.com

nserver: ns1.9services.com

nserver: ns2.9services.com

source: FRNIC

registrar: NEUF CEGETEL

type: Isp Option 1

address: 40-42 Quai du Point du Jour

address: BOULOGNE BILLANCOURT CEDEX

country: FR

phone: 0 800 959 959

fax-no: +33 1 70 18 29 10

e-mail: hostmaster@9tel.net

website: http://www.neufcegetel.fr

anonymous: NO

registered: 31/10/2000

source: FRNIC

nic-hdl: NC2197-FRNIC

type: ORGANIZATION

contact: NEUF CEGETEL

address: NEUF CEGETEL

address: 40, quai du Point du Jour

address: 92100 Boulogne-Billancourt

country: FR

phone: +33 1 70 18 43 56

fax-no: +33 8 11 90 03 78

e-mail: noc@9tel.net

changed: 06/04/2009 nic@nic.fr

anonymous: NO

obsoleted: NO

idstatus: ni

source: FRNIC

nic-hdl: S12548-FRNIC

type: ORGANIZATION

contact: SOCIETE FRANCAISE DU RADIOTELEPHONE - SFR

address: 42, avenue de Friedland

address: 75008 Paris

country: FR

phone: +33 1 70 18 43 56

fax-no: +33 8 11 90 03 78

e-mail: domaine@9tel.net

changed: 09/07/2009 nic@nic.fr

anonymous: NO

obsoleted: NO

idstatus: dy

source: FRNIC

nic-hdl: FR2719-FRNIC

type: PERSON

contact: Franck Rohard

address: SOCIETE FRANCAISE DU RADIOTELEPHONE SFR

address: 42, rue Friedland

address: 75008 Paris

country: FR

phone: +33 1 71 71 10 00

fax-no: +33 1 71 71 10 01

e-mail: domains@sfr.com

changed: 24/07/2009 nic@nic.fr

anonymous: NO

obsoleted: NO

source: FRNIC

0

Share this post


Link to post
Share on other sites

I got it and didn't open it, just deleted it.

0

Share this post


Link to post
Share on other sites

I opened it, clicked the link, waiting for the Java to load and nothing happened on the page...

I'm disapointed. I want to play the palm game. :(

0

Share this post


Link to post
Share on other sites
I opened it, clicked the link, waiting for the Java to load and nothing happened on the page...

I'm disapointed. I want to play the palm game. :(

Be careful, as it may be loading one of those fake viruses on your PC where they try to extort your credit card informatioin to fix it.

0

Share this post


Link to post
Share on other sites
The email I got came from the IP address: 209.216.205.242 which is PalmTalk - and to match up our user names and email addresses too, means that the database may well have been hacked - or at least someone's account. It's a little concerning that Dean hasn't confirmed any of this yet.

Dean is usually asleep at 4:30 AM.

............We waiting for you!! :) ...............

The wording reads like Chinese-translated English to me. I want my thousand's palm!

0

Share this post


Link to post
Share on other sites
I opened it, clicked the link, waiting for the Java to load and nothing happened on the page...

I'm disapointed. I want to play the palm game. :(

Be careful, as it may be loading one of those fake viruses on your PC where they try to extort your credit card informatioin to fix it.

I got one of those recently while reading a webpage about hotsauce made in a prison... Go figure.

Took me nearly a full day to get all the pieces of the program out of my computer. It spidered into many different locations and it was almost like if all parts weren't removed the remaining parts would rewrite the missing parts on the following reboot. It was a royal PITA.

0

Share this post


Link to post
Share on other sites

got it too.did nt trust the bad english(hey was nt that a 1980s band?) and deleted it.

0

Share this post


Link to post
Share on other sites

I immediately went to my e-mail and deleted the !@#%$^&* sight unseen. I looked at the image John posted and agree the English is stilted and phony.

0

Share this post


Link to post
Share on other sites
got it too.did nt trust the bad english(hey was nt that a 1980s band?) and deleted it.

You're thinking of Bad Company or Modern English.. probably. :blink:

Kim, you're right. I forgot that Dean is in Hawaii. He's probably eating his cornflakes right now.

0

Share this post


Link to post
Share on other sites

so there's no free palm? :floor:

0

Share this post


Link to post
Share on other sites

i didnt get it.not cool enough i suppose. :indifferent:

0

Share this post


Link to post
Share on other sites

John,

I don't even think Dean got to his cornflakes yet. He's usually up late at night and may wake up late. It's not even 7 a.m. here, so it could be a little while before he checks in. Interestingly, I did not receive this, but my wife (who is also a Forum member) did receive it. I certainly wouldn't advise anyone to click on that link!

Hopefully, we'll get this sorted out soon!

Bo-Göran

0

Share this post


Link to post
Share on other sites

Bo, why are you up at this hour?! Late night partyin'? ;):D

0

Share this post


Link to post
Share on other sites
Bo, why are you up at this hour?! Late night partyin'? ;):D

Working all night to figure out what happened, I'm sure!

I, too, am really bummed this wasn't a real contest. It should be. :drool:

0

Share this post


Link to post
Share on other sites

"Late night partyin" takes on a different meaning here. Our New Year's Eve party is usually over by about 10 p.m. :lol:

0

Share this post


Link to post
Share on other sites

I too did not get one. I feel left out. And concidering my political views being left out makes me ANGRY. :rage:

0

Share this post


Link to post
Share on other sites

I also received the email and summarily deleted it. I felt it wa bogus (not officially from IPS). And if it wasn't bogus, I would have been somewhat pissed about it.

0

Share this post


Link to post
Share on other sites

To all the arm-chair admins :), there is no cracking of your data or credit cards. This looks like an exploit script that is taking advantage of some function (probably php exploit) within the Invasion Board software. When you see "PalmTalk Statistics" or "How to unsubscribe" in the email, that tells me this is the case. Seeing your username seals it.

For those that put email addresses online that don't want Spam, simply never use the one you want for work online. Use aliases so they can be deleted if sold or harvested. Example if you have "joe@job.com", set up 'palmtalk@job.com". If you get mail to 'palmtalk@job.com" from a spammer, you know your address is now in the spam DBs. Then deleted that alias and change to "'palmtalk1@job.com" for example. Better yet, set up an email address that only works through challenge and response. www.spamarrest.com is what I use for my address I submit when ordering online or placing into forums (which are notorious for exploits). The only way you would have gotten this email is if a human accepted your challenge. Spammers do not, so this mail would be dumped after a few days without your knowledge.

0

Share this post


Link to post
Share on other sites

I got one and deleted it, I could tell something was amiss.

0

Share this post


Link to post
Share on other sites

I came, I saw, I deleted.

0

Share this post


Link to post
Share on other sites

i think it was mattyb.he is a known DELATIOR.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now