Yeah it certainly doesn't have to do with join date... But the people who joined first received the message first as vBulletin probaly went through the user list starting at user 1, all the way through whatever number they're up to now. Since it seemed to take hours to send out all of the emails, you can tell how slow RackNine is at queueing their jobs...

As to the suggestion to change your password, always a good idea when something weird happens on a forum you read. Also never have the same password for EQ as any of your board logins.

Hiya, DenMom's and Ogres! Long time no see!

Wow, I'm almost glad I got the message just because this place brings back so many memories.

Having been the victim in the past of PHPBB hack at one of my client sites, I feel safe in saying that the hacker probably didn't know or need an admin password to do what he did. The fact that he only sent the email and didn't cause any further damage is probably an indication that he came in by exploiting an email sending script in the first place and that's all he was able to do.

If you're up to the challenge, you could probably have a look at racknine's server logs and figure out how they got in. After the aforementioned breakin, not only made it obvious where the weakness was exploited, but it became glaringly obvious that there were a million script kiddies out there all trying to exploit the same weakness. My customer had disabled the forum a year before, so the solution in that case was easy - nuke the board entirely. hehe.

Anyway, good luck with the upgrade, and as a precautionary measure, scan through your host and make sure that you don't have an old backup of the forums that could be reachable from the internet. Upgrading your forums won't do a dang thing if you've got an old "unused" version lying around for someone to exploit.

Nice to see y'all again. I remember my cooking days in EQ pretty fondly.

My header and Hi folks

Delivered-To: *my email address*
Received: by 10.78.191.16 with SMTP id o16cs152862huf;
Fri, 11 Apr 2008 07:59:45 -0700 (PDT)
Received: by 10.100.43.13 with SMTP id q13mr5558957anq.74.1207925982631;
Fri, 11 Apr 2008 07:59:42 -0700 (PDT)
Return-Path: <mboardse@h30001.racknine.com>
Received: from k2smtpout03-01.prod.mesa1.secureserver.net (k2smtpout03-01.prod.mesa1.secureserver.net [64.202.189.171])
by mx.google.com with SMTP id c44si2296353hsc.8.2008.04.11.07.59.41;
Fri, 11 Apr 2008 07:59:42 -0700 (PDT)
Received-SPF: neutral (google.com: 64.202.189.171 is neither permitted nor denied by best guess record for domain of mboardse@h30001.racknine.com) client-ip=64.202.189.171;
Authentication-Results: mx.google.com; spf=neutral (google.com: 64.202.189.171 is neither permitted nor denied by best guess record for domain of mboardse@h30001.racknine.com) smtp.mail=mboardse@h30001.racknine.com
Received: (qmail 20746 invoked from network); 11 Apr 2008 14:59:41 -0000
Received: from unknown (HELO h30001.racknine.com) (208.109.125.28)
by k2smtpout03-01.prod.mesa1.secureserver.net (64.202.189.171) with ESMTP; 11 Apr 2008 14:59:41 -0000
Received: from mboardse by h30001.racknine.com with local (Exim 4.68)
(envelope-from <mboardse@h30001.racknine.com>)
id 1Jk8xD-0008O2-UA
for *my email address*; Thu, 10 Apr 2008 19:25:27 -0700
To: visionary.flaumigehexe@gmail.com
Subject: TRADESKILLS ARE BEING DISCONTINUED
From: "admin@mboards.eqtraders.com" <admin@mboards.eqtraders.com>
Message-ID: <200804110227.7c9160806552@mboards.eqtraders.com >
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-Mailer: vBulletin Mail via PHP
Sender: <mboardse@h30001.racknine.com>
Date: Thu, 10 Apr 2008 19:25:27 -0700

I just joined a few months ago when the new JC stuff came out so it looks like they grabbed what they could and went from there

traders hacked

Posting just as info..I received the email as well

Same here.

Does this mean I don't get the cheap fruit basket at Christmas? /pout

I want my fruit basket!

Wow

Wow, was THAT random.

But it's good to be back on the old boards. As some probably know, I'm haunting the EQ2 boards as the froglok Gwyneth now, and Melisande has been shelved (although I'm thinking more and more of going back on a limited basis) for the time being. I've also been infected with the WoW bug, mostly because, well, it's a fun game and that's the game I can spend time with my boyfriend in.

Good to see all the old timers

email

Yep, I had this in my email today too. After the unlocking/keying of zones stuff was afraid for a minute it was true.

Got the same email...curious about my join date...really no other reason for this post as I think I only joined recently, however, the link in the email as shown in some of the headers did not really come from here, and redirects you to a YouTube video, and if you stop to think about it, whoever breached the board memberlist here apparently is just trying to get a lot of hits for that video...who the hell knows why though...

Same here.

Same here though I wouldn't say dead or inactive. I just haven't been around for the past couple months. My last visited was Feb 5 of this year.

Deleted the spam without even checking the link.

got one myself

same with me been gone for 12 months and got this today

R

I got that email here too. Glad it's not real.

Only way to bring back "old EQ'ers" is to fire EVERYONE in charge of EQ presently and hire some people who care about gameplay. Then rewrite the program to satisfy those <censored> who whine that the graphics aren't pretty enough.

No worries for me. My account is gone permanently. Successful chargeback due to corrupt game files.

Only reason I came here is because of the email. Someone must really be mentally disturbed if they felt the need to hack a website dedicated to Everquest 1.


(No I'm not insulting this website, its the best EQ tradeskill resource around)