your help is needed

Discussion & Support for xplorer² professional

Moderators: fgagnon, nikos, Site Mods

User avatar
nikos
Site Admin
Site Admin
Posts: 15771
Joined: 2002 Feb 07, 15:57
Location: UK
Contact:

Re: your help is needed

Post by nikos »

this is a good business plan too :)
User avatar
johngalt
Gold Member
Gold Member
Posts: 559
Joined: 2008 Feb 10, 19:41
Location: 3rd Rock
Contact:

Re: your help is needed

Post by johngalt »

Protection rackets are pretty old business techniques.

But if the IPs are already reported as being malicious, then it's not necessarily targeting you but probably a broadscale probe of lots and lots of websites in order to find vulnerabilities in order to hack, or else simply a test run prior to an actual DDoS attack by some sort of bot net.
Image

Image
User avatar
nikos
Site Admin
Site Admin
Posts: 15771
Joined: 2002 Feb 07, 15:57
Location: UK
Contact:

Re: your help is needed

Post by nikos »

why would they download the installer again and again every 10 seconds? Surely there's no vulnerability to exploit there
anyway, probably these guys are recruited by the devil to do senseless damage for no profit :twisted:
Gandolf
Gold Member
Gold Member
Posts: 466
Joined: 2004 Jun 12, 10:47

Re: your help is needed

Post by Gandolf »

It's like the cold callers. What is the point of 'phoning a number, and then saying nothing? I don't know whether to feel annoyed, or sorry for such sad people.
User avatar
johngalt
Gold Member
Gold Member
Posts: 559
Joined: 2008 Feb 10, 19:41
Location: 3rd Rock
Contact:

Re: your help is needed

Post by johngalt »

nikos wrote: 2021 Oct 27, 14:10 why would they download the installer again and again every 10 seconds? Surely there's no vulnerability to exploit there
anyway, probably these guys are recruited by the devil to do senseless damage for no profit :twisted:
If they can crash the webhost, or cause some sort of memory issues to break its security so they can then get an inroad to start sifting through other data, they will do it.

Who knows? Could be a test - could be they are fishing for information on other targets and just taking a chance that maybe they are a customer of yours. Could be they already have information from another source on one or more targets that made a purchase from you, so they are trying to now get your customer list to expand their data mining to other servers / service providers / developers.

And so many, many more possibilities as to *why* they are / were doing it.
Image

Image
User avatar
johngalt
Gold Member
Gold Member
Posts: 559
Joined: 2008 Feb 10, 19:41
Location: 3rd Rock
Contact:

Re: your help is needed

Post by johngalt »

Gandolf wrote: 2021 Oct 27, 14:48 It's like the cold callers. What is the point of 'phoning a number, and then saying nothing? I don't know whether to feel annoyed, or sorry for such sad people.
I wouldn't feel too sorry for them. They get paid to do this.

But, a lot of robocalls are now exactly that - calls made by robots. The dead silence is a trick to get the other party to interact with the robot, who records the interactions as proof that the line they have called is a live line with a human at the other end - so that number can then be targeted later on by whomever.

If a number I do not recognize calls me, it goes to my VM, I do not answer. With Caller ID being as good as it is these days here in the states, I can easily discern if I need to answer a call or not - anyone that needs to get a hold of me already has my number, and I know who they are - and in case of emergency, it's highly unlikely they will be calling me from an unknown number. Everyone else gets my Google Voice number, not my actual number, so a lot of those spam calls and robocalls and spam SMS and robo-sent SMS get ferried to GV and keeps my real number (mostly) free and clear of such non-sense.

And yes, this pertains to my land line as well - I have a GV # for that number as well. It's not as easy to set up now as it was back when GV numbers first went public, but since I got in that early, I have that benefit.
Image

Image
Robert2
Gold Member
Gold Member
Posts: 671
Joined: 2004 Jun 17, 15:39

Re: your help is needed

Post by Robert2 »

Here is another thriving business plan. :)
Microsoft says that "password spray attacks" are on the increase. Details at Protect your business from password sprays with Microsoft DART recommendations
and
Advancing Password Spray Attack Detection
User avatar
nikos
Site Admin
Site Admin
Posts: 15771
Joined: 2002 Feb 07, 15:57
Location: UK
Contact:

Re: your help is needed

Post by nikos »

these guys need psychotherapy for sure
now they are hitting the download page once a second :x
at least they cannot download anything so the impact is not as bad as it used to be
I give up!
User avatar
johngalt
Gold Member
Gold Member
Posts: 559
Joined: 2008 Feb 10, 19:41
Location: 3rd Rock
Contact:

Re: your help is needed

Post by johngalt »

It may be a semi-malicious attempt to bring your servers down because script kiddies, but it could very well be something a lot more sinister.

I hope things have cooled down since then.
Image

Image
User avatar
nikos
Site Admin
Site Admin
Posts: 15771
Joined: 2002 Feb 07, 15:57
Location: UK
Contact:

Re: your help is needed

Post by nikos »

no, this has been going on non stop for 2 years! And it doesn't look like ending anytime soon
Post Reply