Advanced search  

News:

CPG Release 1.6.26
Correct PHP8.2 issues with user and language managers.
Additional fixes for PHP 8.2
Correct PHP8 error with SMF 2.0 bridge.
Correct IPTC supplimental category parsing.
Download and info HERE

Pages: [1]   Go Down

Author Topic: Strange user "sisjz" registered to many coppermine systems today. Worry ?  (Read 3047 times)

0 Members and 1 Guest are viewing this topic.

Tonk

  • Coppermine newbie
  • Offline Offline
  • Posts: 1

Hallo guys,
I'm running a small Coppermine powered page only for me and a few friends. Today a strange user called "sisjz" registered to my page. Cause this name doesn't belong to any of my friends, I became suspicious and looked up the name in google. I found out, that there are other Coppermine pages, with this username and he ALWAYS registered today. So I think there is a bot running, "attacking" Coppermine systems. I just updated my Coopermine to the latest version, but wenn the bot registered, I was running 1.4.21.

Is there anything to worry about? Could he have done damage to my system?

Thanks for answers
Kind regards Tonk
Logged

Abbas Ali

  • Administrator
  • Coppermine addict
  • *****
  • Country: in
  • Offline Offline
  • Gender: Male
  • Posts: 2165
  • Spread the PHP Web
    • Ranium Systems

If the user is unknown to you then i suggest delete him. Also scan your folder structure for any unknown files which that user might have uploaded and delete them.

No known security issues for the current stable release.
Logged
Chief Geek at Ranium Systems

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de

To make this clear: there are known security issues for all versions prior to the actual stable release. That's why maintenance releases get released: they fix bugs and vulnerabilities. As you haven't been running the most recent stable release when that user registered, there's no saying if you have been attacked or if the user was just probing in an attempt to comment-spam pages. If you're not sure (and a bit paranoid), do as suggested in the thread "Yikes, I've been hacked! Now what?".
I haven't seen so many hits in Google for the terms sisjz and coppermine: http://www.google.com/search?q=sisjz+coppermine returns 30 hits for me. That could have been a manual registration as well: labor is cheap in many countries...
Logged
Pages: [1]   Go Up
 

Page created in 0.017 seconds with 19 queries.