BL Case Brick

Hardegon · 31.10.2023, 15:30:48

Dneska jsem narazil na obchod Case Brick. 60% Halloween slevy. Super ceny. Ještě jsem kontroloval, jestli to neni podvodník, ale 3000 hodnocení a prakticky 100%. Co by se mohlo stát? Poslal jsem tam objednávku a hned platil převodem.

Naštěstí jsem se po pár hodinách podíval, jestli bych tam nechtěl ještě něco...

Banka za "směšný" poplatek 60,- byla ještě schopná vrátit mi celou platbu.

Tak to tady dávám jako příklad podvodu na BL, což se mi ještě nikdy nestalo. Snad tam nikdo nic nemáte.

Colonel32 · 31.10.2023, 15:57:11

https://www.bricklink.com/message.asp?ID=1437154

Vlákno na BL, ale ne že by tam bylo o moc více informací.

Colonel32 · 31.10.2023, 18:01:17

"We are wary of saying too much about this kind of issue in public, but I will
mention that this has been a bit of a problem in the last 2 weeks or so and we
have had to take action multiple times.

We'll come out with a more formal statement later, but this is just a short
warning post that if you see a great deal on a classic set, check the recently
listed items in the store. It's pretty obvious when you see 40 new sets listed
on the same day with unrealisitically low prices."

Admin_Russell
BrickLink Administrator

Pool · 31.10.2023, 18:18:56

Prodejce bude stále ok, jenže jak tam píšou, tak mu asi někdo ten účet nabořil a obchod ukradl. Ve chvíli kdy se to stane, to je těžké nenaletět. Ale BL to evidentně sleduje a stopl to zavčas nebo prodejce by to sám pak nahlásil, že mu ukradli účet, takže by to i tak stopli. Tak to nebude asi případ na černou listinu.

Robbed · 03.11.2023, 20:53:49

Bricklink je asi momentálně terčem útoku hackerů.

Z redditu

CitaceBrickLink appears to have gone into preventative shutdown ("maintenance"). There have been 5-6 stores (minimum) + dozens of buyer accounts hacked over the past week. A hacked buyer account (with ~20 feedback) made a forum post claiming that BrickLink had 30 minutes to pay EUR 50,000 to a bitcoin account or they would start deleting inventories from big stores. The shutdown appears to be an effort to get the hackers out of the system

Zjednodušeně, vypadá to, že se admini rozhodli preventivně vypnout web (mód údržby), kvůli velkému nárustu hacknutých účtů v posledních pár dnech (prodejci a nakupující). Údajně jeden z hacknutých účtů začal vydírat adminy, aby zaplatili, jinak začnou mazat všechny velké obchody.

Já si teda ještě dneska ráno pro jistou změnil heslo...

Pool · 03.11.2023, 22:32:41

No jak koukám, já už to nestihl změnit. Ale jak to půjde, tak to heslo doporučuji změnit všem nebo uvidíme, jestli k tomu nebudou dokonce všichni vyzváni od BL při prvním přihlášení.

BlueRose · 03.11.2023, 23:01:13

Na diskusním fóru konkurenčního místa se aktuálnímu problému BL také věnují:
https://www.brickowl.com/forum#/discussion/15505/password-security

mesje · 03.11.2023, 23:29:23

kedze som mal vo wanted liste coloseum, dosla mi notifikacia na Case Brick, a neskor aj na Xars z rakuska... oboje malo podobny priebeh - dobra cena, hned faktura, oba obchody vela hodnoteni, dokonca DPH registracia... podozriva bola len cena - cca 20% pod katalog, co neni tak dramaticke, ale tento set bolo problem kupit aj za 10% dole dlhe roky, plus ponuka bola dost hlboko pod najblizsieho predajcu, co nedava logiku - tak som cakal a neplatil...
problem je ze to moze nastrbit doveru v nakupovanie cez BL - ked uz sa clovek nemoze spolahnut na zabehane obchody s vela hodnoteniami, tak potom neviem...
asi je dobre komunikovat s obchodom aj cez email napriamo - ak niekto hackne BL shop, je mala sanca, ze hackne aj email...

Anatyt · 04.11.2023, 09:52:49

Nevyzerá to dobre.

Fricoolinek · 06.11.2023, 04:24:04

CitaceUpdate November 5th. 4.40 pm EST
(= 22:40 SEČ)

Friday we temporarily closed the BrickLink site due to unusual activity.

Since then, the team has been working super hard to make sure we can reopen as soon as possible – and we're getting closer to doing that.

Thank you for your patience and support. We're grateful to have such amazing members.

We know it's frustrating and disappointing. We want to assure you we're working as fast as we can - and not getting much sleep - to restore BrickLink.

Many thanks,

Your BrickLink team

Vlastně si tak trochu řikám, zda by nešlo "zamrazit" / "zaplombovat" jen členskou sekci - obchody, diskuze, wanted listy. Prostě všechno, kam je potřeba se logovat a nechat jet aspoň databázi dílků, setů a figurek....

Robkteryten · 06.11.2023, 06:33:58

Citace od: Fricoolinek kdy 06.11.2023, 04:24:04
CitaceUpdate November 5th. 4.40 pm EST
(= 22:40 SEČ)

Friday we temporarily closed the BrickLink site due to unusual activity.

Since then, the team has been working super hard to make sure we can reopen as soon as possible – and we're getting closer to doing that.

Thank you for your patience and support. We're grateful to have such amazing members.

We know it's frustrating and disappointing. We want to assure you we're working as fast as we can - and not getting much sleep - to restore BrickLink.

Many thanks,

Your BrickLink team

Vlastně si tak trochu řikám, zda by nešlo "zamrazit" / "zaplombovat" jen členskou sekci - obchody, diskuze, wanted listy. Prostě všechno, kam je potřeba se logovat a nechat jet aspoň databázi dílků, setů a figurek....

Tak na to se dá zatím použít BrickOwl

Colonel32 · 08.11.2023, 02:14:08

Update November 7th. 5.55 pm EST

Our investigations so far suggest that a very small number of accounts have or may potentially have been accessed by unauthorized individuals with data obtained outside our platform. We'll be in contact with these members directly with more details on how to reopen their accounts.

We're getting ready to reopen BrickLink soon but we're still not able to provide a specific time.

When we reopen, we've locked all accounts – impacted or not - as a precaution that will require all members to reset their passwords to access their accounts.

We strongly advise all our members to practice good data security. Install and run security software and create strong, unique passwords.

Thank you for your continued patience and support – the kind posts we see from all of you on social media continue to make a real difference to the team here.

We know it's very frustrating, there is light at the end of the tunnel, we thank you for having a bit more patience with us.

Many thanks,

Your BrickLink team

Jamesek · 08.11.2023, 19:21:09

Už otevřeno a heslo změněno:

We're writing to let you know that BrickLink is back up and running and we look forward to seeing you back on the site!

We temporarily closed the site on November 3rd due to some unusual activity. After thorough investigation we found that a relatively small number of accounts potentially may have been accessed by unauthorized individuals using data obtained outside the BrickLink platform.

There is no evidence to suggest that your BrickLink account has been compromised. However, as a precaution we're asking you to update your password. Please go to the BrickLink site and start the process of resetting your password by following the prompts during login.

Make sure you use a unique password which you don't use on other sites.

We're sorry for the inconvenience and disruption caused by the site being down. We're taking this incident very seriously and want to assure you that we're committed to doing all we can to ensure this doesn't happen again. We've taken steps to further strengthen our security and will continue to investigate and take steps to tighten how we monitor and respond to unusual activity.

You can get help on this and other topics in the related help page or read more in the BrickLink Forum after re-opening your account.

Thank you again for your support and patience. We're grateful to have such awesome members!

What does this mean for my BrickLink account?

We have no evidence of fraudulent activity related to your account or orders.

If you have been using API access to manage your store inventory, you will have to generate a new API key.

Colonel32 · 21.11.2023, 22:49:50

Dear BrickLink Sellers,

In relation to the added security features that we're implementing on BrickLink, we're introducing One-Time PIN (OTP) to certain seller features.

This feature is only accessible to sellers. To activate OTP, you must go to your store management settings. This is an opt-in feature.

Please read our FAQs for more information about how OTP works and which features it protects.
Thank you,
The BrickLink Team

https://www.bricklink.com/help.asp?helpID=2615

otaznik · 22.11.2023, 07:49:03

To je krok, který pár dní připravovali. Pro někoho to může být zajímavá feature, která by měla pomoci v tom, že hacknout account bude ještě těžší.