Mikel

I just found this password site this morning and saw that alot of member's area are accessible, maybe you should all take a look, see if your sites are listed here, the list is huge!!!

http://tmd.df.ru/private.html

Have a good day everyone

bd2gk2

Damn, I found my site on that list. Looks like I got few passes to kill. Thanks for the heads up!

__________________
If it doesn't make dollars,
then it doesn't make sense!

XXXPaysiteDesign

Thats a big list.. mine isn't on there, yay

__________________
SIG TOO BIG! Maximum 120x60 button and no more than 3 text lines of DEFAULT SIZE and COLOR. Unless your sig is for a GFY top banner sponsor, then you may use a 624x80 instead of a 120x60.

blakkfrogg

Someone needs to beat that password trader into a coma and post pics as a warning to other traders that, "Yes. It CAN Happen to YOU."

"Assholic Wanna' Jerk Off But Don't Wanna' Pay Cretins" -- That is what I think about password traders.

__________________
- Blakk Frogg

* Blakk Frogg Sex Blog
* * Wyldsites Sex Blogs
* * * Blakk Frogg Joke Blog

So anyways, this Frogg is looking for smaller traffic trades. Trying to get back into the swing of things, ya' know?

Easy

hmm.. I'm on the list too. And I see that pennywize is working

boldy

just fucking iframe that list... he'll be out of business in no time

That list is is 1.4 meg!

__________________
MacDaddy Coder.

Pipecrew

ouch, ninaknowsbest took a hard hit

Jizar II

the password kiddies needs to die in hell

pipp

WOW! thats one bad ass password list

gothweb

Three passwords to my main site, one to my newer site. Sheesh. How are they getting these passwords? At least seem to be hacked, since they aren't in the CCBill database.

I also checked some sites of friends of mine. That's a lot of passwords for some sites... Scary.

__________________

Photos by Ian X.: Distinctive photos of goth babes.
Blood Money:Your traffic, my sites, our money.
MojoHost: Still the best.

pr0

I found a new homepage

w0000000t

__________________
__________
Loadedca$h - get sum! - Revengebucks - mmm rebills! - webair (gotz sErVrz)

danevans

df.com seems to be a russian isp, and that password list is probably on some users personal webspace.. Try contacting DataForce support, to remove the list..

__________________
Custom adult games / apps for your paysites.
webmaster at multimoodia.net
icq35291012

pr0

How am i supposed to get free porn without this list? Ohhh..right, tgp's...nevermind, go ahead & kill it.

X37375787

damn ...

Dugmor

Yeah it looks like they got me. So if anyone wants to check out my members area's before I kill the passwords enjoy !

__________________
JesusEmpire - The Most Trusted Mobile Marketing Service
SMS Verification codes for 345 websites including:
Tinder - Bumble - Twitter - TikTok - Instagram - Facebook

deleteduser

didnt we have a list like that some month ago? =)
looks nearly the same

Mutt

damn he's back.

that guy back in April had the biggest fucking password list of the best sites i'd ever seen. The fucking thing took like 5 minutes to load it was so big.

__________________

Gator

Here's another for ya boys...

http://pass.nejcpass.com/

jojojo

it is 404'd now

__________________
Learn SEO - make $$ residually - icq me 333485092

Kimmykim

They arent processor lists, I checked ours and some of them were manually added passes, the rest crossed all processors.

magnatique

they might not be processor ones, but these guys knew what they were doing..

we had like 15 passwords in there..

and I checked with epoch, and most of all the logins that were used were logins of Long lasting members... all like 2-5 months, recuring members...

__________________

Stunner Media Programs: StandAhead | IndieBucks | BoyCrushCash | Phoenixxx | EmoProfits | BritishBucks | HunkMoney | LatinoBucks
Make $$$ with Gay! Lowest Minimum Payouts in the Business, Perfect Track Record, Amazing Sites

Cogitator

Some people just run scripts that run dictionary entries until one of them works. That's a real common way of hacking. What you need to do to prevent this is to limit the velocity of logins from a particular IP address, i.e. no more than 5 login attempts per minute, etc. This way, your regular user can retry his login if he fatfingered something, but the scripts trying to hack you will be slowed down to the point of being impractical.

__________________
- this space intentionally left blank -

Mutt

99% of these guys are only capable of doing brute force dictionary attacks.

Small number who can actually hack and start adding usernames/passwords.

There really is nothing you can do to completely get rid of the problem. They will hammer away no matter what. Pennywize does a great job of keeping them out of your members area fast. What i don't understand about Pennywize users is that most just leave the freeloaders at a deadend Pennywize page.
You might as well get some use from the traffic, it's no worse than TGP, i actually think it's better. So I don't understand why the Pennywize page doesn't redirect to a banner farm or toplists or just console hell.

__________________

salsbury

some of them might be using the wide open security holes in Epoch's script, if you use Epoch on your site. (i'm told they've "updated" it, but i have yet to see this on any servers.)

__________________