
!!!mystnodes.com security issue!!!

Open veldspar opened this issue 2 years ago • 1 comments

Hey there, I just received 3 e-mails from a Google Mail account. I use catchall mailboxes on my domain, so this email address is only being used on mystnodes.com. As a result, I can say for certain that whoever sent these 3 emails had access to it using the database from mystnodes.com. One of the three messages sent: (I redacted email and server parts!)

For the Mysterium operators: if you need to contact me directly, one of my node identities registered on mystnodes.com is 0xeb6759528e355b9c7932c9df9d4b7560d9577258. You should be able to get the necessary information that way.

```
Return-Path: [email protected]
Delivered-To: [email protected]
Received: from mail.redacted.org
    by mail.redacted.org with LMTP
    id GAjOB0QgEmPXbwAANZG+Qw
    (envelope-from [email protected])
    for [email protected]; Fri, 02 Sep 2022 17:24:52 +0200
Received: from mail-yb1-xb2f.google.com (mail-yb1-xb2f.google.com [IPv6:2607:f8b0:4864:20::b2f])
    by mail.redacted.org (Postfix) with ESMTPS id CCC17DFBE1
    for [email protected]; Fri, 2 Sep 2022 17:24:51 +0200 (CEST)
Received: by mail-yb1-xb2f.google.com with SMTP id e71so3580948ybh.9
    for [email protected]; Fri, 02 Sep 2022 08:24:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=gmail.com; s=20210112;
    h=to:subject:message-id:date:from:mime-version:from:to:cc:subject
    :date;
    bh=JEkgwjrGOQPRQbpESUZGrcs+P6GI4CQL4/EitwIi5V0=;
    b=ZhJmTru59PlydR+IJb5aVPNp/sWn3K151zAH/qGVn3YuMCCdoH8/Ec6yT9LiAKo3Lr
    ZwUth/JF0C1u/Gf/CsO6bk480qkAP80LyKQ11MgIzdNR/mj0LRO46IYb9azxEA48RxD5
    qKClRsu5BNlwQafSgqckkCwPLzxO7+eC1bX1EGsRc5BfJd5mabcz7OB3stOPqhSh0Uei
    8yuVypT9y08jPlE8ucEgeoZBPZFrSPUjW4Ggba39D/qkEil8eVh01b2eI0N90nTGH7Qs
    DsuIvtYpOXzIZ3Rw8MrDKnCvoC/u0S+3z0cwGjyaGCsAAkopLDNGpp9Ft87R2cjHdAvQ
    44Ag==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
    d=1e100.net; s=20210112;
    h=to:subject:message-id:date:from:mime-version:x-gm-message-state
    :from:to:cc:subject:date;
    bh=JEkgwjrGOQPRQbpESUZGrcs+P6GI4CQL4/EitwIi5V0=;
    b=zW78IashRVQsrPp25qQBTPbS7puLnpqQUYM/+IR4QtK+S1zLP+XVv7BtVdRphkRUHr
    LrI7uV1paznjhfwdNfxnDyzFf4jGVSG3jw71zCJvjDQfQT3LkXtyLackK62pYpEcTc9F
    1n8IIpEHZ8MzS0883TAYg8COXkMZh4gnijLma4BX+I8+X/tdPpE9k0aGlq0U7n+49y9f
    jKgAZjYDmXJmHG8+5gTKbUsb2azShqj/aMTV8wdgTjsN+wYOYJxBX3OCJVf+CIhmwMCJ
    CTFA6IvGva7TVAgXmSs4t43n29zmI1f5MIc8qzHB0Z9Wk2mRT0T38MDZ55zMzMOCK9QK
    EviA==
X-Gm-Message-State: ACgBeo22AkJqRlUTxMliN6Y8DT7VxNBNKaV5ehcBTfUlq3s+syCIoVxv
    g1fX95xx5VJuVsol3/4KKlQcNqWw2vkHXFTTj4EfC5Qq
X-Google-Smtp-Source: AA6agR5E/Y4c/T7xThxHwkfUOZsUhMZz/hJ1HYzFNzAapYOA9HbEt9Y4U30WuAmR/FRpCSui+hd3mSJD6ZY/BIvYCnc=
X-Received: by 2002:a25:add1:0:b0:6a5:e722:cf37 with SMTP id
    d17-20020a25add1000000b006a5e722cf37mr1452270ybe.633.1662132290237;
    Fri, 02 Sep 2022 08:24:50 -0700 (PDT)
MIME-Version: 1.0
From: Daniel Loks [email protected]
Date: Fri, 2 Sep 2022 20:54:39 +0530
Message-ID: CAK4W=B9K4krtm9wcSVHh0wFuRV0iNBjccgEFOC2cG8HBkF5Z1Q@mail.gmail.com
Subject: Boom2
To: [email protected]
Content-Type: multipart/alternative; boundary="000000000000bab87a05e7b354dd"
X-Rspamd-Queue-Id: CCC17DFBE1
X-Spamd-Result: default: False [-1.00 / 15.00];
    ARC_NA(0.00)[];
    R_DKIM_ALLOW(-0.20)[gmail.com];
    FROM_HAS_DN(0.00)[];
    R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
    FREEMAIL_FROM(0.00)[gmail.com];
    MIME_GOOD(-0.10)[multipart/alternative,text/plain];
    PREVIOUSLY_DELIVERED(0.00)[[email protected]];
    TO_DN_NONE(0.00)[];
    RCPT_COUNT_ONE(0.00)[1];
    TO_MATCH_ENVRCPT_ALL(0.00)[];
    DKIM_TRACE(0.00)[gmail.com:+];
    DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
    FROM_EQ_ENVFROM(0.00)[];
    RCVD_TLS_LAST(0.00)[];
    FREEMAIL_ENVFROM(0.00)[gmail.com];
    ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
    RCVD_COUNT_TWO(0.00)[2]
X-Rspamd-Server: mail

--000000000000bab87a05e7b354dd
Content-Type: text/plain; charset="UTF-8"

--000000000000bab87a05e7b354dd
Content-Type: text/html; charset="UTF-8"

--000000000000bab87a05e7b354dd--
```

veldspar, Sep 02 '22 15:09
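The attribution reasoning in the report above (a catch-all alias given to one site only, plus a message the receiving server recorded as passing DKIM, SPF and DMARC), as an added Python example that is not part of the original issue. The sample message is constructed with placeholder addresses, and `rspamd_symbols`, `triage` and the alias map are hypothetical names.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the quoted headers; all addresses are placeholders.
SAMPLE = """\
Delivered-To: mystnodes@example.org
From: Sender Name <sender@gmail.com>
To: mystnodes@example.org
Subject: Boom2
X-Spamd-Result: default: False [-1.00 / 15.00];
\tR_DKIM_ALLOW(-0.20)[gmail.com];
\tR_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
\tDMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
\tFROM_EQ_ENVFROM(0.00)[]

(body removed)
"""

# rspamd writes each symbol as NAME(score)[options]
SYMBOL = re.compile(r"([A-Z][A-Z0-9_]+)\((-?\d+\.\d+)\)\[([^\]]*)\]")
AUTH_SYMBOLS = ("R_DKIM_ALLOW", "R_SPF_ALLOW", "DMARC_POLICY_ALLOW")

def rspamd_symbols(header_value):
    """Map symbol name -> (score, options) from an X-Spamd-Result value."""
    return {n: (float(s), o) for n, s, o in SYMBOL.findall(header_value)}

def triage(raw_message, alias_map):
    """alias_map (hypothetical): catch-all local part -> the one service it was given to."""
    msg = message_from_string(raw_message)
    syms = rspamd_symbols(msg.get("X-Spamd-Result", ""))
    rcpt = parseaddr(msg.get("Delivered-To", ""))[1].lower()
    sender = parseaddr(msg.get("From", ""))[1].lower()
    return {
        "recipient": rcpt,
        "alias_owner": alias_map.get(rcpt.partition("@")[0]),
        "sender_domain": sender.rpartition("@")[2],
        # True only if the receiving server recorded DKIM, SPF and DMARC passes,
        # i.e. the From domain was not spoofed.
        "sender_authenticated": all(s in syms for s in AUTH_SYMBOLS),
    }

if __name__ == "__main__":
    print(triage(SAMPLE, {"mystnodes": "mystnodes.com"}))
```

An `alias_owner` of `None` means the recipient address is not a tracked single-use alias, so the message says nothing about which service exposed it.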

Hi, @veldspar can you send us the screenshot of the email?

Ayse-AK, Sep 05 '22 06:09

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot], Dec 04 '22 10:12

This issue has been automatically closed because it has not had activity for a long time. If this issue is still valid, please ping a maintainer and ask them to label it as "pinned". Thank you for your contributions.

stale[bot], Feb 02 '23 22:02