Jump to content

security incident on forum.eset.com

MS-adm

By MS-adm
in ESET Announcements

 Share

Recommended Posts

Near_Far

Near_Far 4

Posted
Posted

Not long ago, our main e-mail address received an e-mail about the hack at the Avast forum.  I've never even used Avast, and I haven't used our main e-mail address to join a message board for many years now.  Either the e-mail was fake, or I may have joined with this address a long time ago when I was shopping for AV software and perhaps wanted to ask questions.  I don't remember now.  Anyway, the e-mail got deleted and I'm not doing anything with it.  Unfortunate that the bad guys have this e-mail address, but sometimes it does get a lot of spam and sometimes not.  

 

I think someone here addressed this already, but I will mention that it's a good idea to have a "throw away" web based e-mail address to sign onto message boards.  What happened to Avast and to this board just emphasizes that fact.  There have been several attempts over the past several months to hack the e-mail address I used to sign up to this board, all hacking attempts unsuccessful.  These attempts were based from various IP addresses around the world.  

 

It's my feeling that those who hack the databases of message boards set up by software security vendors may get a sense of enjoyment out of the irony of basically thumbing their noses at the software security companies.  I realize that ESET doesn't own the company that hosts this board, but it's kind of an "in your face" thing when a board that a software security company uses to help customers experiences a security breach. 

Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted (edited)

 

 

This is dumb for a security forum!

 

TH :rolleyes:

Don't worry the Webroot Forum will follow soon   :P  ;) (But let's hope not)

 

AFAIK, It doesn't matter if a forum is about Cars, Technology or Security. They are all forums running on software, so if the Car forum runs the same forum platform as the Security forum then you can't secure the Security forum any better than the Car forum and hope that the 3'rd party does everything they can to keep it as secure as possible.

 

I imagine that we will just see more and more of these bastard attacks.

 

 

This is not about Webroot I said it's sad (dumb) for a security forum and nothing more I could of picked a better word and I belong to many security forums so who is next and I did check with the Webroot Community Manager about this and he showed me this from Lithium Board Software and they Host their own Forum Software hxxp://www.lithium.com/security sorry if anyone took offence.

 

TH

No it's not, but it's dumb to whatever forum it happens to it doesn't matter what the forum is about, it was just an example that it can happen to any forum.

 

It's sad that it happens yes, but one can only do as much as one can do.

 

I don't think anyone took offence. We all learn from our mistakes I guess, the way forward is to improve and then improve some more. I believe that the people operating the forum did the best they could to secure it from basement to roof, but this still happened so they are surely sad and wonder how it could happen even if they did the best they could. Hopefully the investigation will give some answers.

 

What's even more dumb and sad is that some people have nothing better to do than hack into databases. 

Edited by SweX
Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted (edited)

 

Asked and answered at post 26

 

For some reason it feels better having the forum hosted by a 3'rd party as it is them that will get hacked. I don't really look at these forum hacks with harsh eyes anymore since we see news like this almost everyday now. As long as one doesn't use the same pass elsewhere there's not much to worry about. Registering with an "alias" is also good of course.

 

It wasn't a question, it's only my opinion from my point of view. ;)

Edited by SweX
Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

So would this be why I got an email last night from orders.eset.com with trial username/password information when I did not request one?

Interesting. I have not received any suspicious email...yet anyway. 

Link to comment
Share on other sites
Blazer

Blazer 2

Posted
Posted

Bonus points for ESET because handling situation well. This is how company should do it. Confess what up, warning to change password instantly, no throwing mud, taking time to investigate. No matter how bad it is these things can happen and how ESET handled it is cool. Better then Avast. Avast decided to blame someone else without evidence.

Link to comment
Share on other sites
Pentode

Pentode 13

Posted
Posted

I agree with Blazer, here at ESET we where informed pretty quickly and no two ways about it..... Avast is still down, I understand it was unpatched software, at least ESET is not bloated and full pop-up adverts

 

Dave

Link to comment
Share on other sites
  • 1 month later...
ali mohamed

ali mohamed 0

Posted
Posted

how can i trust eset again ? after that i was trust eset but now it can't protect her company how can it protect us i'm sorry i won't trust eset again and avast the same thing and i'm sad i have to use another antivirus sorry -_-

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted (edited)

how can i trust eset again ? after that i was trust eset but now it can't protect her company how can it protect us i'm sorry i won't trust eset again and avast the same thing and i'm sad i have to use another antivirus sorry -_-

 

That is absolutely ridiculous.

Maybe if you understood a little about what occurred, and took the time to research what causes these types of breaks in security and that the vulnerability was at the hosting providers end, and had ABSOLUTELY nothing to do with ESET, besides harm their reputation.

In addition could not have been prevented by ESET, because this forum is run by IPBoard. Slander posts like this need to be taken to their forums, not ESET's

Have a wonderful elegant evening.

Edited by Arakasi
Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted (edited)

how can i trust eset again ? after that i was trust eset but now it can't protect her company how can it protect us i'm sorry i won't trust eset again and avast the same thing and i'm sad i have to use another antivirus sorry -_-

FYI, the Forum and the forum software is not connected to the products in any way so you can continue to use ESET software with peace in mind   :)

 

In addition to what Arakasi said.

Edited by SweX
Link to comment
Share on other sites
  • 3 months later...
Pentode

Pentode 13

Posted
Posted

It's dumb to use the same password more than once anywhere whether ESET or not. I came here from Avast and glad that I did with their sly installations of unwanted products, even on updates where there are no 'option boxes' to tick, which is often concealed or displayed in a flash  you just didn't see it, not to mention unwanted toolbars. I could see all this coming so I left when they started their 'try this er that pop-ups',

 

Just to say, I hope NOD32 stays free from bloatware, pop ups and adverts, the only time I know NOD32 is running is when it updates.....  or when I get a 'slap on the hands' by visiting a dodgy website, stay that way ESET and I'll be a happy customer.

 

Dave

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted

Thanks for your feedback Pentode.

We have some brilliant minds at ESET.

I am confident their path for fighting malware and improving products is the most taken one and preferred amongst customers and other vendors alike.

 

Cheers ~

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...