Ice TV hacked?

Started by MikeKulls, June 03, 2012, 09:55:06 PM

Previous topic - Next topic

MikeKulls

I have an email address that I ONLY use with ice tv. I only entered it once when I registered and have never used it again. This email address has started getting a LOT of spam. Has ICE TVs email list somehow been obtained by scammers?

For anyone who is skeptical, I have what is called a catch all account. it means that any email address at my domain goes to me. eg, I use microsoft@mydomain.com for MS, I use facebook@mydomain.com, icetv@mydomain.com etc. These all come in as if they were sent to me. (mydomain is not my actual domain name). Anyone else started getting lots of emails recently? Especially ones about facebook.

JPP

No, can't say that I have.
Phil.
Beyonwiz T2, DVDO Duo Video Processor

Dave

Antec NSK2480B Case & PSU, Asus M4A785TD-M-EVO motherboard, AMD Phenom II 965 3.40Ghz quad core CPU, 4Gb RAM, Hauppauge HVR2200 Dual Tuner, 1Tb and 500Gb WD HDDs, Windows 10 running NextPVR

MikeKulls

It is possible that they are just using common names to invent email addresses. I guess the only way to tell would be if I used a fairly unique email address of some sort.

tvmandan


IcedSpam

I believe IceTV's email list has been obtained by spammers.

I have received spam addressed to an email account that was created just for receiving IceTV messages.

I have not given that address to any individual or company apart from IceTV.

lukem

How many characters were in the username component?

IcedSpam


prl

I just had a look in the cesspit my spam gets diverted to, and I don't seem to have anything from anyone but my regulars :)
Peter
Beyonwiz T4 in-use
Beyonwiz T2, T3, T4, U4 & V2 for testing

lukem

Quote from: IcedSpam on July 12, 2012, 05:10:48 PM
Nine characters.

Could you please provide the email you received, and the email address, to my first name at icetv.com.au


IcedSpam

Quote from: Luke at IceTV on July 12, 2012, 05:46:02 PM
Quote from: IcedSpam on July 12, 2012, 05:10:48 PM
Nine characters.

Could you please provide the email you received, and the email address, to my first name at icetv.com.au
Done.

tonymy01

#11
Is this spam by any chance emails with titles like "blah blah BLEW YOU A KISS" and "Dear blah, how about an ENCOUNTER WITHOUT OBLIGATIONS?" "blah SENT YOU A FRIEND REQUEST"  etc etc (I get 5 or 6 of these damn things a day now, nearly all of them with the last few words in uppercase, with  links to an image which, if you even open the email, will download the image and let the spam mongrels know you are real, the stat server is a different URL in most of these emails, but when you traceroute/ping, nearly all go to the same server.    It is driving me insane, and it is an email address I tend to only sign up to trustworthy things with!
Regards
Tony

Beyonwiz DP-S1 & Topfield 5K (using PerlTGD to upload ICE EPG/timers for the 5K, normal ICE interactive for the Wiz).

IanHamilton

I also am getting various spam using my dedicated icetv email address. Lots of it. I opened a ticket with IceTV and they denied any possibility of a leak and tied to suggest it was my fault.

rockwatcher

Just clicked here to say that I am in exactly the same boat.  Have a dedicated e-mail (icetv@<mydomainname>.com) and received one e-mail addressed to icetv@<mydomainname>.com and another to icetv2@<mydomainname>.com.

lukem

We have not found any such evidence of a hack. Even so, we have taken additional measures to increase security.

If you are using a dedicated email for IceTV, I would suggest using something obscure, not just icetv@<domain>. It's easy to construct email addresses from permutations of random words, numbers and domain names. Yes, the permutations are huge, but so are the botnets which carry out the division of work.

You guys realise that there are many more attack vectors on an individual PC vs. the IceTV servers. If a rouge application accesses your browser history or contacts it would quite easily obtain this information. A rogue application could be just a webpage that you visited, a java applet, a flash app, an infected PNG or video, something else you downloaded, a Facebook app, rooted phone, the list goes on.

If you believe that your icetv email address has been compromised, change it, and send the details of the incident to abuse@icetv.com.au .