IrishMASMSMay 12, 2024

It looks like freecycle.org is dealing with a security incident

Multiple responses to postings, all with what appears to be automated accounts with gibberish usernames of punctuation, capital letters, and numbers. The activity started last night around midnight PT, and continues - most recent being 40 minutes ago.

The messages have been deleted with the message:

system notifier

There are no messages in this thread.

This issue after the recent data breach, I have to wonder what problems #freecyle is dealing with.


#spammers #scammers #malicious #suspectfiles #malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR #spam #infosec #infomantionSecurity #virustotal #ABUSE

Show threadIrishMASMSMay 13, 2024

Well #freecycle is still dealing with the incident.

two more "user verification" email waves in the last 24 hours. One at 6:30 PT and one at 0500 PT.

Does not seem like #freecycle folks are handling this well - though all messages are removed as they were previously.

🤔 what vulnerability is being exploited?

#spammers #scammers #malicious #suspectfiles #malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR #spam #infosec #infomantionSecurity #virustotal #ABUSE

Show threadIrishMASMS

It seems this activity has been going on since 3 May

https://freecycle.helpscoutdocs.com/article/327-spam-email

First issues with this incident response: zero communications with their user base. I had to go digging just to find this support portal wiki page.

Second issue: this is not spam but likely phishing. Use the correct terms folks.

#freecycle #spammers #scammers #malicious #suspectfiles #malware #triage #ioc #_ioc #infosec #informationSecurity #IncidentResponce #IR #spam #infosec #infomantionSecurity #virustotal #ABUSE

SPAM MESSAGES - Freecycle Knowledge Base

We are aware that our members have received spam messages in reply to their posts. Please do not click on the link in the message, or reply to it. Freecycle.org

May 13, 2024 at 6:47pmWeb