WARNING about Account Hijacking

[EEVblog]

WARNING: We have had a huge uptick in the number of hijacked accounts on the forum.
Security on the forum has NOT been compromised, it's because spammers have gotten a stolen credentials list, and people reuse passwords.
Please DON'T REUSE PASSWORDS, and change your pasword if you think you have been compromised.
And if you get an email that someone has tried to log into your forum account, if means your details have been compromised elsewhere and other accounts you have on other sites are at risk.

This has been mostly happenign to older accounts that don't often get used, but and automated script we now have in place to detect this is showing up to 4 accounts per day being compromised, hence the recent uptick in spam necroposting from established accounts.

[strawberry]

ahoy
I am here, shall me show who are made of wood or steel
I am here, if they have got guts even to try

[Kean]

Probably made easier due to the publicly available member list which they can try cross-referencing against user names or partial email addresses with leaked credentials from other sites.
A pain in the rear, but it is what is is and part of the process these days of putting almost anything on the Internet.

[schwaggins]

Thanks for unfreezing my account, my all Chrome data got stolen then reposted on some dark web forum. 541 compromised passwords is not fun to deal with

[radiolistener]

my all Chrome data got stolen then reposted on some dark web forum

How it happens?

[Kean]

my all Chrome data got stolen then reposted on some dark web forum

How it happens?

Usually via malware

[madires]

For example: Qilin ransomware caught stealing credentials stored in Google Chrome (https://news.sophos.com/en-us/2024/08/22/qilin-ransomware-caught-stealing-credentials-stored-in-google-chrome/)