READ THIS ***NSX Prime User Accounts With Weak Passwords Hacked!*** READ THIS

Folks-

We've now seen two instances of Prime members' accounts being hacked and used to list expensive parts for low prices. Please take the time to go into your account and change your password. If you find that you are locked out of your account- make a new temp one and post in this thread. I will PM you and reset your account.

Honcho
 
After reading this, I went to change my password. I was already logged in, but when I tried to change my password the system wouldn’t accept my existing password to let me change to a different one.

So I logged out, then clicked log in, said I forgot my password, entered my email address, and it sent me a link where I successfully changed to a new password.
 
Just a quick update. After speaking to the XenForo support team, we were able to confirm that the site itself was not compromised. Instead, it appears that the hacker(s) compromised a few individual accounts with weak and/or shared passwords. Thus, I STRONGLY recommend that Prime members change their password to something strong and don't use it anywhere else.

Honcho
 
thanks for the heads-up! changed mine last night
 
Unfortunately, looks like a member fell prey to my compromised account.

My friends started messaging me yesterday about it and I tried to address it as soon as I could. @JohnWayne reached out to @Honcho and that's when I believe the fake "for sale" threads were removed and my account suspended.

Hopefully the member can cancel the payment and/or recover their money somehow.

I have reached out to/informed @Honcho of this situation and asked him to reach out to the member as well.

I apologize from the bottom of my heart that this happened, as I'm an avid and fiercely loyal member of the NSX community.

Also, hopefully no one else was somehow indirectly affected while my account was compromised.

Very respectfully,
-jason

p.s. the member asked me to remove/edit his username from this post for the time being.
 
I try to get the members of my forum to use strong passwords but as human nature goes, the ones who don't really care won't change or don't use their account often enough to follow through. Same goes for two-step verification. You can offer it as an option for users but the only way to make it work for the whole site is to make it mandatory.
 
I am considering making it mandatory, in light of all this.
 
Sorry to hear that. Were the fake sales for a set of headers and wheels? Any idea how your account was hacked?
 
Folks-

A Prime moderator's account (Drmanny) was hacked and he has been infiltrating the sale ads posing as Shawn. He also deleted the original hacked thread. I've locked him down, but PLEASE reset your passwords to something strong and consider 2-factor authentication.

I've forced all mods to reset their passwords before being able to login again.

Honcho
 
Also, as a reminder, do not send a seller any money unless they have a pic listed on the ad with their prime name and current date on a piece of paper next to the item, or they send you one via PM. Prime members are getting scammed this way.
 
Any pattern on IP locations?
No, but it looks like Russia. They are compromising old inactive accounts. There was a massive data breach at VBB a few years ago and many forum account logins were exposed. They're using that old login data to get into the forum. I'm looking into doing a mass password reset for all members before being let back into the forums.
 
While a password change likely will solve it, I strongly recommend members change to 2-factor authentication to protect their accounts from being compromised. To enable this feature, click on "Password and security" in your account window:

Screenshot 2023-11-27 143012.jpg

Next, enable 2-factor authentication. You will need an authenticator app on your phone. I use Google Authenticator. It provides a rolling code to enter when you log into the website. It will also create a list of one-time use backup codes in case you don't have your phone with you. Write these down or save them somewhere secure.

Screenshot 2023-11-27 143856.jpg
 
Reminding everyone to invest in a good password manager and change all your passwords to something randomized. They often have generators built in so you can easily create strong passwords. Download the browser extension and mobile app so you can have access to your passwords everywhere.

I recommend getting one that allows 2FA codes to be added so you don't have to finagle two things (I don't trust Google, I avoid Chrome/Authenticator).

There are password dump sites and even worse on the dark web, people buy these for dirt cheap and brute force through them all to basically find something of value to scam with. Similar with credit cards and stuff.

So if your email (which is used for tons of things) is part of a breach with a password you use in multiple places, you'll get busted unless 2FA/MFA is enabled for that site.
 
We just had another incident where a scammer compromised a user and attempted to sell an exhaust. Luckily, we caught him before any money was exchanged. This time, the scammer photoshopped a "note" into the picture of the item to try and get around our new rule.

As we have always said here on Prime, the main rule remains Caveat Emptor. Please take extra care before sending someone money. To that end, here are some things you can do when considering a marketplace purchase that should help:
  • Look at the price. Is it about what you would expect or does it look low? Scammers have been setting prices low, but not too low, in order to make the item appear like a really good deal. This is a small community and most of us know about how much things cost for the NSX. For example, if you see a brand new exhaust system (normally $1,500-$4,000) being listed for $900, your alert should go off.
  • If the seller is a long-time member, check their profile to see when they last posted. If it's from 2009, for example, your alert should go off. The hacks are happening because vBulletin was hacked many years ago and login info for many different forums, including this one, was compromised. The scammers are accessing old profiles that are inactive and posing as these members in the marketplace, using pictures from other for sale posts.
  • Consider using standard PayPal, not friends and family. This way, you have a chance at getting your money back. If the seller insists on F&F, then you should walk away or insist on further verification. Face time with the seller standing next to the item, for example.
  • Ask for additional pictures. The scammers are limited to only the pictures posted by the original member, since they don't have access to the actual item.
  • Search for the item in the marketplace forum. If the same item with identical pictures appears in a sale ad from years ago, your alert should go off.
  • If you know the actual member whose profile is selling, ask them questions only they would know. If they can't answer, walk away and report them.
  • If you do catch a scammer, please report them immediately and forum staff will take the ad down and lock the member account. This last exhaust scam was saved because @JohnWayne spotted it and texted me directly. The more we stop these scumbags and make it hard for them to steal from us, the faster they will move on to another forum.
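
Several of the checks in the list above (seller inactive for years, price under the usual range, pictures lifted from an older ad) can also be run by forum staff over new marketplace listings. The sketch below is an added example, not part of the original post or of the forum's software; the record fields, thresholds and sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
import hashlib

DORMANT_DAYS = 365        # assumed threshold for an "inactive" seller
PRICE_FLOOR_RATIO = 0.8   # assumed: flag asks under 80% of the usual low end

@dataclass
class Listing:
    seller: str
    posted: date
    seller_prev_post: date   # seller's last post before this ad
    ask_usd: float
    usual_low_usd: float     # low end of the normal price range for the item
    images: list             # raw bytes of each picture attached to the ad

def digest(img: bytes) -> str:
    # Exact-match fingerprint: catches re-uploaded copies of the same file,
    # not re-encoded or edited pictures.
    return hashlib.sha256(img).hexdigest()

def triage(ad: Listing, archive: dict) -> list:
    """Return the reasons this ad deserves a moderator's look.
    archive maps image digest -> (seller, date) of the earliest ad using it."""
    reasons = []
    gap = (ad.posted - ad.seller_prev_post).days
    if gap > DORMANT_DAYS:
        reasons.append(f"dormant-seller:{gap}d")
    if ad.ask_usd < PRICE_FLOOR_RATIO * ad.usual_low_usd:
        reasons.append("price-below-usual")
    for img in ad.images:
        hit = archive.get(digest(img))
        if hit and hit[1] < ad.posted:
            reasons.append(f"image-reused-from:{hit[0]}@{hit[1].isoformat()}")
    return reasons

# Constructed sample data (not real forum records). The suspect ad mirrors the
# post's example: a $900 exhaust whose usual range starts at $1,500, listed by
# an account that last posted in 2009, with a picture from an older ad.
OLD_PHOTO = b"constructed-exhaust-photo-bytes"
ARCHIVE = {digest(OLD_PHOTO): ("member_a", date(2016, 5, 2))}
SUSPECT = Listing("member_b", date(2023, 12, 1), date(2009, 3, 14),
                  900.0, 1500.0, [OLD_PHOTO])
NORMAL = Listing("member_c", date(2023, 12, 1), date(2023, 11, 20),
                 1600.0, 1500.0, [b"constructed-new-photo"])

if __name__ == "__main__":
    for ad in (SUSPECT, NORMAL):
        print(ad.seller, triage(ad, ARCHIVE) or "no flags")
```
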
 
Another scam we have been seeing lately is for a scammer/impersonator (often with a similar username to the seller) to post a cellphone or email address for contact, on SOMEONE ELSE'S for-sale listing. If you call them or email them directly with those fraudulent cellphone or email addresses that the impersonator controls, they will impersonate the seller, negotiate a price, take your payment, and your money is gone like a bride's pajamas.
  1. Don't post potential buy/sell info on the for-sale thread unless it is a question about the item. So it's reasonable to post "Will it fit a 1995?", but if you want to say "Will you sell it for $333 shipped to Kalamazoo?" that should be sent in a direct message/private message to the seller. But be aware that even posting "Will it fit a 95?" lets a scammer know of your interest and the scammer may DM you from a bogus account.
  2. Do not post any private contact information. Besides giving scammers your contact info, the forum is public and this information can be scraped by bots, even if it's disguised, like "605 four four two 6677".
  3. If someone initiates contact with you, even via DM, check VERY carefully that the username is exactly the same, as imposters will often start a new account with a similar username. Be very wary of new accounts.
  4. Do NOT send money via Western Union, Zelle, PayPal friends & family, or any other similar systems which do not protect you from fraudulent transactions, unless the $ are so small you don't care about losing it. (Regular PayPal does have buyer protection, but not F&F, so this distinction is important.)
  5. If you're posting a WTB, demand to see dated, identified, pictures of the item and again use a reversible payment method. It's too easy for a crook to find a picture of what you want and send it to you. After you pay, you will never get the item and that's the last you'll hear from them, because they never had the item.
  6. Don't buy anything on Facebook except in person. There are soooooo many scammers.
 