Just received this on Skype from Nick @ RamNode

[kaniini]

Hmm, sounds like it was phished based on the message D. Strout posted earlier?

 

[drmike]

Man, what's with the hate of  RamNode by some random, faceless and if found headless skids lately?

 

[D. Strout]

If found headless skids

Good one. Maybe they're jealous of Nick's success? IDK, but they really need to get a life.

 

[Marc M.]

Man, what's with the RamNode hate of some random, faceless and if found headless skids lately?

@ someone has put allot of effort into this. I wonder what the skid sent Nick by email... to make him "byte" and phish his Skype password.

 

[D. Strout]

Nick said "social engineering", not "phishing". Maybe they called Skype support and convinced them they were Nick somehow, then got access to the account and had their fun.

 

[Marc M.]

Nick said "social engineering", not "phishing". Maybe they called Skype support and convinced them they were Nick somehow, then got access to the account and had their fun.

@D. Strout I doubt that. I've contacted Skype support before and they won't cooperate. Then again maybe the skid got lucky.

 

[drmike]

someone has put allot of effort into this. I wonder what the skid sent Nick by email... to make him "byte" and phish his Skype password.

 

That's a fair question.  I do wonder.

I have disjointed accounts, so cornering me into a click or something like that isn't going to happen.  It's the luxury of not being public person / provider with clear accounts, known emails, etc.

Reminds me of another reason to stop warehousing info online --- especially in email where a treasure trove could be taken and mined. 

 

[Marc M.]

That's a fair question. I do wonder. I have disjointed accounts, so cornering me into a click or something like that isn't going to happen. It's the luxury of not being public person / provider with clear accounts, known emails, etc. Reminds me of another reason to stop warehousing info online --- especially in email where a treasure trove could be taken and mined.

@ I have 20+ email accounts and not a single one of them has any relevant or useful information.

 

[D. Strout]

I get the feeling Nick won't be divulging the exact nature of the attack. If it was password reuse and he's too ashamed to admit it, that would be a pity. Either way, I have to say I'm losing some confidence in RamNode. Malicious skids shouldn't be having this much success, first against SVM and now against his Skype.

 

[drmike]

I have 20+ email accounts and not a single one of them has any relevant or useful information.

 

Impressive.  How do you accomplish such a feat?  There are all these account emails, emails that tend to leak personal info, etc.

I've gone out of my way to self preserve --- but open to other folks ideas.

 

[Marc M.]

Impressive. How do you accomplish such a feat? There are all these account emails, emails that tend to leak personal info, etc. I've gone out of my way to self preserve --- but open to other folks ideas.

@ They're all used for different things, however I don't type up any relevant conversations. I have a phone (or two) if I need to talk to someone about something important, and if I want to, I can also scramble the conversation. You can never be to careful... Oh, and I don't click, not even open, emails that I have no clue where they are coming from. They go to /dev/null so to speak.

 

[manacit]

Or maybe he didn't actually piss off anyone, they just felt like framing him for the lulz. 

I'm guessing it's this, I don't think Robert is quite that daft.

Whoever it is really knows how to push everyone's buttons though, it's starting to get pretty damn annoying.. 

 

[Marc M.]

I'm guessing it's this, I don't think Robert is quite that daft. Whoever it is really knows how to push everyone's buttons though, it's starting to get pretty damn annoying..

Whoever it is, it's not the kind of person that you want to mess with :unsure:

 

[JDiggity]

I believe it is probably JohnnyDbag

 

[scv]

They're connecting from 168.63.55.14, which is a microsoft owned IP.


Francisco

Microsoft introduced media proxy to Skype as an optional setting, so no more direct P2P calling. This is probably just a skype proxy server.

 

[Steven F]

While I cannot comment on Nick's password habits, please remember that it is possible he uses the same password for another service. Meaning the "hacker" used social engineering to acquire (this scenario is 100% made up) his Linked In password, which Nick also uses for Skype.

 

[Leyton]

Microsoft introduced media proxy to Skype as an optional setting, so no more direct P2P calling. This is probably just a skype proxy server.

Learn something new every day...

 

[ErrantWeb-Travis]

Microsoft introduced media proxy to Skype as an optional setting, so no more direct P2P calling. This is probably just a skype proxy server.

Well at least they finally added a feature that's useful after their acquisition. 

 

[Tux]

I get the feeling Nick won't be divulging the exact nature of the attack. If it was password reuse and he's too ashamed to admit it, that would be a pity. Either way, I have to say I'm losing some confidence in RamNode. Malicious skids shouldn't be having this much success, first against SVM and now against his Skype.

I know.

If this happens again, I guess I'm looking at Linode.

 

[JDiggity]

I know.

If this happens again, I guess I'm looking at Linode.

You realize that Linode got hacked a few years ago and everyones credit card details, passwords and emails were released?

They got hit in the hyperVM hack.  Please realize this before using Linode as if they are the only secure provider.