Spam on my about me

  • 10
  • Problem
  • Updated 3 months ago
  • In Progress
  • (Edited)
I have changed my password and unlinked all my accounts and they still have access to my account and keep changing my bio and follows.
https://www.last.fm/user/seanb0112

Sean Broadbent

  • 7 Posts
  • 5 Reply Likes

Posted 6 months ago

  • 10

Josh V

  • 4 Posts
  • 3 Reply Likes
Same problem here, tried changing passwords and linked a new email, still changing my bio..wtf is happening.

cptchi

  • 140 Posts
  • 201 Reply Likes
Another user complained about this recently - but his post vanished??? - and I talked about it here, where I noticed 2 people who followed me recently after being hacked

https://getsatisfaction.com/lastfm/topics/accounts-getting-hacked

This is worrying

Also, since it's the weekend we probably gonna get a reply on this only on Monday.
(Edited)

Patrick

  • 1296 Posts
  • 929 Reply Likes
Another user complained about this recently - but his post vanished?

That's odd. Something like that shouldn't happen. Is it possible that hackers have started hijacking accounts on this site and began to delete complaints about this case? I'm starting to worry that they won't start raiding my account. It looks like I will have no other choice, but to change the password.

cptchi

  • 140 Posts
  • 201 Reply Likes
It could be the case that user deleted their topic, but I don't know why they would do that. I know I left a comment and the next day I couldn't find it - not even in my post history.

Hans-Jürgen, Moderator

  • 2261 Posts
  • 1182 Reply Likes
Possibly Jon has changed the view of that topic to private = staff and participating users only which means he will take care of it when he is back in office on Monday.

cptchi

  • 140 Posts
  • 201 Reply Likes
I see. Thanks for answering.

Ian Jackson

  • 2 Posts
  • 0 Reply Likes
Same exact thing happening to me, no matter how many times I delete it and change bio, it keeps coming back.
I've changed my email and password, and unlinked apps and nothing seems to do the trick.

I've also noticed that my account followed a bunch of random accounts too.
(Edited)

Sean Broadbent

  • 7 Posts
  • 5 Reply Likes
I'm guessing it is because when you change password, it does not force logout every account logged in. It is a pretty bad design and a big security flaw. 

I'm not going to mess with my account as even if I change anything it will just go back to spam in about an hour or two.

I also have a load of followers on my account that have the same problem and seem to be legit accounts taken over like mine.
A few examples:
https://www.last.fm/user/Vycrance
https://www.last.fm/user/makayun
https://www.last.fm/user/pel-poi

cptchi

  • 140 Posts
  • 201 Reply Likes
I ended up blocking/ignoring the hacked users to force them to unfollow me (and then unblocked them) because I'm scared my account will become a target.

Patrick

  • 1290 Posts
  • 908 Reply Likes
I did the same thing too cptchi. Let's hope the Administration will do something to cease this.

Jon, Community & Customer Services

  • 4731 Posts
  • 3539 Reply Likes
>>>I'm guessing it is because when you change password, it does not force logout every account logged in.

Hi Sean, unfortunately that's correct.  The development team will be correcting this as soon as possible, as well as looking into other ways to prevent the spammer from vandalising your about me while they're doing that.  We're sorry for any inconvenience caused by this issue in the meantime.

If you don't want to wait, a somewhat more extreme solution would be to temporarily ban your account until tomorrow morning.  This would force the spammer to clear their cookies if they try to access your profile, revoking their login in the process.  It's incredibly frustrating for me that we can't offer a more appropriate fix, but this is the fastest solution I can offer you.
(Edited)

Jon, Community & Customer Services

  • 4731 Posts
  • 3539 Reply Likes
>>> I'm scared my account will become a target. 
It's unlikely if your password is strong, up-to-date, and you're not using the same username / password combination elsewhere (password managers can help with this).

cptchi

  • 140 Posts
  • 201 Reply Likes
I already use a password manager and strong passwords. Seems like I'm safe then. Thanks Jon.

Sean Broadbent

  • 7 Posts
  • 5 Reply Likes
Would temp banning an account force logout all accounts logged in? If so, I would be willing to do that to get my account back up to normal.

Jon, Community & Customer Services

  • 4731 Posts
  • 3539 Reply Likes
Not exactly, but if they attempt to access your account while it's suspended they'll be blocked from the site until they clear their cookies (permanently logging them out).  There's no guarantee they'll fall for it, but given how quickly it seems user bios are being reverted back after changing them, I think there's a good chance it'll work.

Patrick

  • 1296 Posts
  • 929 Reply Likes
I was searching for a thread related to this issue, and I'm glad I found it. It looks like Russian and Polish spammers came back.

The deeper I go, the more I find. What is going on here?
(Edited)

Chris Kent

  • 9 Posts
  • 13 Reply Likes
Just replied to another person with the same problem but you could try going to settings, applications, disconnecting all the applications, change your password and then reconnect anything.

That might work.

Sean Broadbent

  • 7 Posts
  • 5 Reply Likes
Already tried that and they still have access.

Patrick

  • 1296 Posts
  • 929 Reply Likes
Sean Broadbent deactivate, then reactivate your profile in your account settings. Repeat the same procedure that you did several hours ago. Perhaps this method that I gave you will work.
(Edited)

Andreas_Wotte

  • 1007 Posts
  • 1397 Reply Likes

Patrick

  • 1296 Posts
  • 929 Reply Likes
Oh, good grief there are too many of them. Fortunately, I changed my password, so I'm safe. I hope the script they launched will help them to solve the case.

Patrick

  • 1296 Posts
  • 929 Reply Likes
I've found another thread related to this issue. Bio is being changed automatically. Hacked or what? Written by Josh V. This is not good. I hope the Administration will fix this.

Ian Jackson

  • 2 Posts
  • 0 Reply Likes
I've emailed support twice over this, nothing back.

jazzthieve

  • 98 Posts
  • 89 Reply Likes
With all these comments about hacked accounts I wouldn't feel too safe with last.fm's security policy. It seems to be pretty lacking and remembering the serious data breach of March 2012 it seems not much has changed.

Patrick

  • 1296 Posts
  • 929 Reply Likes
The Administration should install a two-factor authentication. Discord has this option to help you to have double protection of your account. Once configured you’ll be required to enter both your password and authentication code from your mobile phone to sign in.

That is what we need to protect ourselves. Changing password by adding upper and lower cases, numbers and symbols will help. But not that much like a two-factor authentication I quoted from Discord service. Ian Jackson, yesterday was a weekend, so it's no wonder why anybody hasn't answered on your application. Administration and offices don't work on weekends.
(Edited)

Profoundemonium

  • 90 Posts
  • 112 Reply Likes

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Thanks for this, we have a script that identifies all of the affected accounts and the development team are working on removing the spam.  In the meantime, you can remove them from your followers list by adding them to your ignore list in your privacy settings.

tapenoon

  • 146 Posts
  • 236 Reply Likes

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Thanks for this, we have a script that identifies all of the affected accounts and the development team are working on removing the spam.  In the meantime, you can remove them from your followers list by adding them to your ignore list in your privacy settings.

tapenoon

  • 146 Posts
  • 236 Reply Likes
thank you Jon :)

Patrick

  • 1296 Posts
  • 929 Reply Likes
(Edited)

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Thanks for this Patrick, however we have a script that will identify the affected accounts for us, so there's no need to list the usernames here.

Patrick

  • 1296 Posts
  • 929 Reply Likes
Ah, okay not a problem.
(Edited)

Josh V

  • 4 Posts
  • 3 Reply Likes
This reply was created from a merged topic originally titled Bio is being changed automatically. Hacked or what?.

My "About Me" section has been changed multiple times now even after I linked a new email and changed my password twice. Here is my last.fm https://www.last.fm/user/Vycrance

The "hackers" change it to their spam website every hour or so, any idea what's going on?

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Hi Josh, very sorry to hear that you've been affected by this as well.  It sounds like the spammer is still logged into your account (via cookies) which is why changing your password isn't helping.  The development team are working on a fix to log everyone out of the affected accounts, along with a way to prevent the spammers from repeatedly vandalising your profile, but I don't have an estimate of how long these will take to implement.  We're sorry for any inconvenience caused by this. 

If you don't want to wait, an alternative option is to temporarily ban your account tonight.  During this time, if the spammer tries to access your profile, they'll be locked out of the website and forced to clear their cookies.  Since you've already changed your password, they won't be able to log back in again.  It's not an ideal solution, as you wouldn't be able to access the site either, but we can try this if you're willing.

Frankenrin

  • 161 Posts
  • 821 Reply Likes
Seems to be happening to a follower of mine as well. This site is such a disaster.

Patrick

  • 1296 Posts
  • 929 Reply Likes
Wouldn’t it be easier to deactivate or reactivate yourself? Perhaps, in that way spammers won’t be able to hijack our accounts again. I find it odd how spammers can still access your profile even after you updated your password and Email. I updated my password and I wasn’t able to login with my old password after I change it. I got an error when I tried to login with my old password.
(Edited)

jazzthieve

  • 98 Posts
  • 89 Reply Likes
It has been explained already. If a hacker stays logged in on his side, a password change doesn't matter at all. Only if the hacker would log out and try to log in again after the password change then it would have an effect.

Patrick

  • 1296 Posts
  • 929 Reply Likes
That is what I mentioned. When you deactivate your account, you must enter your username and password again to reactivate it. I did that several times in the past.

jazzthieve

  • 98 Posts
  • 89 Reply Likes
I doubt that makes much of a difference. I'm also wondering if all these people who are affected have something to do with the recent massive pw and username drop collection1-5. Hackers using that dump to get into the accounts because users have been careless with recycling passwords (or variants). Getting access by doing credential stuffing, bound to get some hits.

Patrick

  • 1296 Posts
  • 929 Reply Likes
I don't know. I decided to recycle my password three days ago after I heard what hackers are doing. I've never done this for the last seven years until now. I believe deactivating/reactivating can solve this issue temporarily until Administration don't fix this infinitely.
(Edited)

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
>>>I believe deactivating/reactivating can solve this issue temporarily

I'm pretty sure it won't work, because they'll still have an active login cookie on their browser.  
(Edited)

Sean Broadbent

  • 7 Posts
  • 5 Reply Likes
Any news on the fix? It's been a week and my account is still hacked. 

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Hi Sean, the option to log out everywhere is currently being worked on by our developers, I'll update this thread when it's ready and deployed.  We can still try the temp. banning route if you'd prefer not to wait -- we've tried this with several people now, and appears to have worked for them.

sizhin

  • 3 Posts
  • 0 Reply Likes
Hi, I've also been affected by this issue, could I get my account temporarily banned? I've been trying to manage and contain the vandalism on my profile but it's proven to be a huge hassle, so I'm desperate for a fix. Here's my profile:

https://www.last.fm/user/Sizhin
(Edited)

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
No problem, I'll do this before I leave work tonight, and restore it again in the morning.  For now, I've disabled the posting privileges and hidden your about me so they can't do anything with your account.

sizhin

  • 3 Posts
  • 0 Reply Likes
thank you!

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Ok, doing this now.  I'll lift the ban when I get into the office tomorrow morning and reply here to let you know.

Please don't attempt to access last.fm during this time, as you may get locked out of the site. :)  If this does happen, all you need to do is clear your browser's cookies (specifically the last.fm ones) to access the site again.  If you encounter any issues with this, just let me know here.

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Temp. ban has been lifted on your account.

sizhin

  • 3 Posts
  • 0 Reply Likes
thanks! could i get my about me section unhidden as well?

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Sure.

Ryuzu

  • 2 Posts
  • 2 Reply Likes
Just to mention. Deactivating and activating the account again doesn't help at all. Even after this process and changed again the password. The spammers have access to my account.

Ryuzu

  • 2 Posts
  • 2 Reply Likes
Update: at least give a day with the closing status. This seems to work in this attempt.

Conor Ahern

  • 2 Posts
  • 0 Reply Likes
Would it be possible to have my account temporarily banned as well? I've had my bio changed repeatedly and I'm now following nearly 500 accounts when I was previously following ~15. Very frustrating.

https://www.last.fm/user/cahern7

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Sure, I can do this tonight.

Sean Broadbent

  • 7 Posts
  • 5 Reply Likes
Could you do the same to mine too please. I am getting fed up of removing follows. Thanks 

Conor Ahern

  • 2 Posts
  • 0 Reply Likes
Thanks Jon! I'm ready whenever you have the time to do this.

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Ah very sorry Conor, something came up and I couldn't do this last night. We'll do yours and Sean's accounts tonight from 17:00 UTC.

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Ok this has been set for both of your accounts.  As with the others please don't attempt to access last.fm during this time, as you may get locked out of the site. :)  If this does happen, all you need to do is clear your browser's cookies (specifically the last.fm ones) to access the site again.  If you encounter any issues with this, just let me know here.  I'll lift the ban in the morning.

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Ok, ban has been lifted on your accounts.  Please try changing your about me, and then let us know if it gets reverted back to spam.

Sean Broadbent

  • 7 Posts
  • 5 Reply Likes
Well so far it seems to have fixed it. Thanks.

Radomir Nowak

  • 3 Posts
  • 0 Reply Likes
This reply was created from a merged topic originally titled About me changes content constantly.

Every now and then my "About me" page keeps getting changed to some dating site URL. I've changed my password yet the problem still occurs. Is there a way to see location of logons to my profile? 
I think that when someone resets their password their user sessions should be deleted so you would have to log in again with new password.
Please advise what should I do.

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Hi Radomir, the option to log out everywhere is being worked on right now, and should go out early next week.  Ending all active sessions automatically when you change your password will be worked on next, I believe.

In the meantime, if you can tell me your username, I can temporarily suspend it to hide the 'about me' spam on your page and prevent the spammer from posting anything with your account.
(Edited)

Radomir Nowak

  • 3 Posts
  • 0 Reply Likes
Hi Jon, I've manually started the "delete" of my account and it seems that the hacker is no longer changing the about me page.
Thanks for all the work you do!

Gulhis

  • 3 Posts
  • 0 Reply Likes
Hi there,

I have the same issue and it's been days. Can you also ban my account please?

https://www.last.fm/user/gulhisbayav



Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Hi, I'll do this in about half an hour, and the unban in the morning.
(Edited)

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
This has now been set. Please don't attempt to access last.fm during this time, as you may get locked out of the site. :) If this does happen, all you need to do is clear your browser's cookies to access the site again. If you encounter any issues with this, just let me know here, and I'll lift the ban in the morning.

Gulhis

  • 3 Posts
  • 0 Reply Likes
Thank you for your help :)

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Morning, I've lifted the ban on your account so you can log in again.  Please try changing your about me, and then let us know if it gets reverted back to spam. Also, please make sure you've updated your password if you haven't done so already.

Gulhis

  • 3 Posts
  • 0 Reply Likes
Thanks again. I’ve already changed my password. If something happens again, I’ll let you know. :)

Josh V

  • 4 Posts
  • 3 Reply Likes
Hey, I would love a ban as well when you get the time. Thank you

https://www.last.fm/user/Vycrance

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Ok, doing this now.  As I've said before please don't attempt to access last.fm during this time, as you may get locked out of the site. :)  If this does happen, all you need to do is clear your browser's cookies to access the site again.  If you encounter any issues with this, just let me know here, and I'll lift the ban in the morning.
(Edited)

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Hi, I've now lifted the ban on your account.  Please try changing your about me, and then let us know if it gets reverted back to spam. Also, please make sure you've updated your password if you haven't done so already.

Jon, Community & Customer Services

  • 4762 Posts
  • 3556 Reply Likes
Official Response
Hi everyone, we've just pushed out an update that allows you to logout everywhere from your account settings.  This will log you (and anyone else) out of the Last.fm website in all browsers.

If you still have spam on your profile, please first change your password and then click the logout everywhere button underneath (you will be asked to enter your password to confirm).   Now log back in with your new password and you should find that you can edit your about me without further problems.  
(Edited)
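
An added example, not Last.fm's code and not written by anyone in this thread: a toy session store showing why a login cookie can outlive the password change reported above, and how a per-account session epoch gives both "log out everywhere" (with password confirmation) and automatic revocation on password change. The `Site` class, its methods and the sample account are hypothetical.

```python
import hashlib
import hmac
import secrets


def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


class Site:
    """Toy account and session store; every name here is hypothetical."""

    def __init__(self, revoke_on_password_change):
        self.revoke_on_password_change = revoke_on_password_change
        self.users = {}     # username -> {"salt", "pw", "epoch", "bio"}
        self.sessions = {}  # cookie token -> (username, epoch at login)

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self.users[user] = {"salt": salt, "pw": _hash(password, salt), "epoch": 0, "bio": ""}

    def _check(self, user, password):
        rec = self.users[user]
        return hmac.compare_digest(rec["pw"], _hash(password, rec["salt"]))

    def login(self, user, password):
        if user not in self.users or not self._check(user, password):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = (user, self.users[user]["epoch"])
        return token

    def whoami(self, token):
        # A cookie is honoured only while its epoch matches the account's current epoch.
        user, epoch = self.sessions.get(token, (None, None))
        if user is None or epoch != self.users[user]["epoch"]:
            self.sessions.pop(token, None)
            return None
        return user

    def set_bio(self, token, text):
        user = self.whoami(token)
        if user is not None:
            self.users[user]["bio"] = text
        return user is not None

    def change_password(self, token, old, new):
        user = self.whoami(token)
        if user is None or not self._check(user, old):
            return None
        salt = secrets.token_bytes(16)
        self.users[user].update(salt=salt, pw=_hash(new, salt))
        if not self.revoke_on_password_change:
            return token  # the flaw from the thread: every existing cookie stays valid
        self.users[user]["epoch"] += 1  # invalidates all cookies issued before now
        return self.login(user, new)    # fresh cookie for the browser that made the change

    def logout_everywhere(self, token, password):
        user = self.whoami(token)
        if user is None or not self._check(user, password):
            return False
        self.users[user]["epoch"] += 1
        return True


def scenario(revoke):
    site = Site(revoke)
    site.register("victim", "reused-password")  # constructed sample account
    owner = site.login("victim", "reused-password")
    intruder = site.login("victim", "reused-password")  # second browser, leaked credentials
    owner = site.change_password(owner, "reused-password", "new-unique-password")
    after_change = site.set_bio(intruder, "spam link")
    site.logout_everywhere(owner, "new-unique-password")
    after_logout = site.set_bio(intruder, "spam link")
    return after_change, after_logout, site.login("victim", "reused-password") is not None
```

`scenario(False)` reproduces the situation in the thread (the second browser can still edit the bio after the password change, until logout everywhere is used); `scenario(True)` shows the same sequence once a password change also ends all sessions.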

blanckien

  • 1 Post
  • 0 Reply Likes
Hi, I changed my password and logged out everywhere, but my Following list still has almost 700 people and I was following fewer than ten people before (almost all the people who follow me). Is there a way to mass-unfollow anyone who isn't following me back?

Patrick

  • 1296 Posts
  • 929 Reply Likes
I'm afraid not. Your only solution is to visit the following tab and start clicking unfollow button for each user on your list.

Patrick

  • 1296 Posts
  • 929 Reply Likes
Are there any updates? I still keep finding accounts with a malicious URL in about me.

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
Affected users can now delete the spam themselves and use the log out everywhere option to kick the spammers out of their accounts.

Patrick

  • 1296 Posts
  • 929 Reply Likes
What about accounts that haven't been making any activity for several years? I found several of them that haven't been here since 2008 - 2014 and they are hijacked.
(Edited)

Jon, Community & Customer Services

  • 4762 Posts
  • 3555 Reply Likes
We'll be taking action soon to secure these profiles and remove the spam.

Patrick

  • 1296 Posts
  • 929 Reply Likes
Ah, all right, got it.