Apparently doing so can get your account hacked, AVOID THIS SH*T LIKE THE PLAGUE!
screenshots of a compromised account:
Edit: Changed my mind about the banning of the word, it's a bad idea as it would make it impossible to tell whether an account has been compromised or not.
And also, they aren't just aiming at 0-1000 point accounts anymore:
I think the most likely way this would have happened is by credential stuffing (trying known email/password pairs that have been leaked from other services online). I don't advise clicking on dodgy links from these bots of course, but the best way you can keep your account secure is by making sure that you use a strong password for your SP account and don't use the same password on multiple online services. You can also use the tool HaveIBeenPwned to check if your information has been included in known data breaches. It probably has.
@WNP78 @PhilipTarpley @AndrewGarrison You should take a look at this.
Not sure what the best approach to the situation is, but I think autodeleting posts with the full word using some kind of spam filter could work for now.
Remove that post! But not this post.
@temporaryplanetester well i would hope that my account is not hacked by the hackers at your very shady verifpro "crypto accounts website"
@PlaneFlightX For my current account I really couldn't care less if it got hacked, since I have all my planes from it still on my pc.
My old account however, matters enough to me that I chose to lock myself out of it instead of deleting it like I did with basically every other account I had at the moment.
At least the password is pretty strong as a consequence, so maybe it won't be affected by this.
I think the reason these accounts are being hacked is reusing the same password across different sites. If one less secure site suffers a data breach, then that username and password can be tried on other sites, and if it works, then the account on that site is compromised.
On the topic of "commenting on the Veri**pro posts can get you hacked", no. Unless the hackers somehow compromise the SimplePlanes website itself (even then hacking users would be unlikely), you cannot get hacked if you don't provide any personal information or download malware.
My recommendations, at least for now, are pretty simple: change all your passwords to strong random character passwords (unique to each site), and don't click any suspicious link.
Damn, i was going to make little funeral comments on all of the posts where someone with more than a few points got infected @JeskoGoesVROOM
nope, that is a risk of being hacked by them as well
@Dathcha
i might come back and say that was this account
i clicked on it by accident, if you don't see me you know what happedend
The creator of the Tonk build, a gold user, has been compromised.
korzalerke i confused you for another crazy silver user
We can still comment on the posts right
I have looked up Verifpro, and found Verifpro, a website that sells financial accounts (e.g. PayPal accounts, bank accounts, et cetera, all likely stolen). The link might lead to the same Verifpro website. For whatever reason it is, the people behind Verifpro appear to have successfully compromised these accounts, through other methods, turning these accounts into adbots.
.
I suggest redacting the link for safety purposes.
this is definitely a plaid level threat
@HuskyDynamics01 yeah ik and seems he was active as recent as two weeks ago
@temporaryplanetester In that case, I'll stop commenting Hide the Pain Harold faces on those posts.
Even a 1,000 point account got invaded
A silver account appears to have just been compromised, this is definitely a very serious problem.
@temporaryplanetester Noted, I'll stop commenting stuff like "begone" on them lol.
At least this explains how there are so many.
@realSavageMan No, I don't think I will
@temporaryplanetester aight
@IceCraftGaming forgot to tag you as well, refer to previous comment
@realSavageMan doing that is actually a bad idea, since the accounts will delete their posts (and therefore any evidence they're compromised) a few minutes after anyone comments on the posts.
You should instead just screenshot it, then report the post without commenting or upvoting.
You should rickroll the bots, not us. @IceCraftGaming