someone hacking (or trying) diyaudio accounts?

Status
Not open for further replies.
Received this email about 10 minutes ago. Beware.


"Dear UltraNutZ,

Someone has tried to log into your account on diyAudio with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address: 1.169.92.13

All the best,
diyAudio"


Running an IP trace results in this.
An externally hosted image should be here but it was not working when we last tested it.


I don't live in China.
 
Attempted hack

Same thing here, someone tried to use my password and user name to log on the site. I looked up the IP address and it shows China.... here is the low down (rather large)


IP Information for 58.221.85.182
Quick Stats
IP Location: China, Nantong, Chinanet Jiangsu Province Network
ASN: AS4134 CHINANET-BACKBONE No.31,Jin-rong Street (registered Aug 01, 2002)
Whois Server: whois.apnic.net
IP Address: 58.221.85.182


Does not tell much but origin....:cop:

Rod KB8DNS
 
Me too

Dear daol,

Someone has tried to log into your account on diyAudio with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address: 183.223.198.194

All the best,
diyAudio


Its IP address is in China:

IP Lookup Location For IP Address: 183.223.198.194
Continent: Asia (AS)
Country: China (CN)
Capital: Beijing
State: Unknown
City Location: Unknown
ISP: China Mobile
Organization: Guangdong Mobile
AS Number: AS9808 Guangdong Mobile Communication Co.Ltd.
 
Just saw this thread. I too had received such a mail sometime back (on 2nd April)

Someone has tried to log into your account on diyAudio with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address: 118.173.234.142

The IP address is traced to some Chiang Mai/ Chiang Mai (02) located in Thailand.
 
Is there an Authority that we can report this misbehaviour to?

It would be nice if we knew that someone was actively shutting down these hackers.

Probably not. They are basically running around checking door knobs / handles to see how many doors open without any real effort. If they find one open they will more than likely take the account over and spam the board or engage in other nefarious activity.

Best defence is to use a good password and monitor your account. On the forum side they could likely make 'dormant' accounts inactive / inaccessible to help remove some of the opportunities these people have. I'd suggest if a user hasn't logged in recently, let's say in more than a year, the account is made unavailable for logging in. The owner of the account would then have to request re-activation manually should they return to the forum at a later time.

My :2c:.
 
Probably not. They are basically running around checking door knobs / handles to see how many doors open without any real effort. If they find one open they will more than likely take the account over and spam the board or engage in other nefarious activity.

Exactly. Which is why it's absolutely critical not to use a simple password for any website login. Accounts are constantly having the "door knobs" checked to see if they are locked or not. Only stupid scripts will trip the 5 tries thing - there will be others slowly trying every single member's account once or twice with some of the more common passwords, or a password you used on another website.

"A password you used on another website?" I hear you say! Yes. Other websites you use are constantly being hacked and having their database of usernames, email addresses and passwords sucked out, so they know that a particular username or email address uses that password, and then those details are used to log into every other web based service on the internet. If you use the same password across multiple websites, it's only a matter of time until someone has access to all of your accounts in one go.

e.g.: Russian Hackers Amass Over a Billion Internet Passwords

What to do? Use a unique and strong password for every website you visit. There are a number of ways to do this and not go insane. You can use something like 1password, or come up with your own system of making a unique password based on the name of a website, rotating certain letters of the website name, etc - whatever you do, don't use the same password across multiple websites.
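
The pattern described in the post above, where one or two guesses per account never trip the five-failure lockout, shows up in failed-login logs once failures are grouped by source address instead of by account. This is an added example, not part of the thread or of diyAudio's software; the log format, the spray threshold and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LOCKOUT_FAILS = 5                       # threshold quoted in the forum's email
LOCKOUT_WINDOW = timedelta(minutes=15)  # lockout period quoted in the email
SPRAY_MIN_ACCOUNTS = 4                  # assumed threshold for this example

# Constructed sample, hypothetical format "time user source-ip result" (RFC 5737 addresses).
SAMPLE_LOG = """\
2014-08-06T10:00:01 alice 192.0.2.10 FAIL
2014-08-06T10:00:40 alice 192.0.2.10 FAIL
2014-08-06T10:01:15 alice 192.0.2.10 FAIL
2014-08-06T10:02:03 alice 192.0.2.10 FAIL
2014-08-06T10:03:30 alice 192.0.2.10 FAIL
2014-08-06T10:20:00 frank 203.0.113.5 OK
2014-08-06T11:00:00 bob 198.51.100.7 FAIL
2014-08-06T13:00:00 carol 198.51.100.7 FAIL
2014-08-06T15:00:00 dave 198.51.100.7 FAIL
2014-08-06T17:00:00 erin 198.51.100.7 FAIL
2014-08-06T19:00:00 bob 198.51.100.7 FAIL
"""

def parse(log):
    events = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[3] == "FAIL":  # skip malformed lines and successes
            events.append((datetime.fromisoformat(parts[0]), parts[1], parts[2]))
    return sorted(events)

def lockout_hits(events):
    # Accounts with LOCKOUT_FAILS failures inside one window: what the email reports.
    by_user = defaultdict(list)
    for ts, user, _ in events:
        by_user[user].append(ts)
    hits = set()
    for user, times in by_user.items():
        for i in range(len(times) - LOCKOUT_FAILS + 1):
            if times[i + LOCKOUT_FAILS - 1] - times[i] <= LOCKOUT_WINDOW:
                hits.add(user)
    return hits

def spray_sources(events):
    # Sources failing against many accounts without reaching the lockout count on any.
    per_ip = defaultdict(lambda: defaultdict(int))
    for _, user, ip in events:
        per_ip[ip][user] += 1
    return {ip for ip, users in per_ip.items()
            if len(users) >= SPRAY_MIN_ACCOUNTS and max(users.values()) < LOCKOUT_FAILS}
```

On the sample, the per-account rule flags only the noisy source, while the per-source grouping surfaces the slow one that no lockout email would ever mention.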
 