Hackers are creating spam accounts and registering for hidden list

Hi,

This is strange!

Please let us know which version of Email Subscribers do you use?

As you mentioned, users signed up with “Subscriber” role. We suspect that users are signup from the WordPress form (you might have added it into one of the pages) and you have set up a workflow in Email Subscribers.

Automate workflow of Email Subscribers subscribe users to a specific list whenever they signup into WordPress.

If that’s the case, first disable that workflow for some time and also check from where hackers are signing up in your WordPress setup.

Please check and let us know.

Hi Malay,
I am using Version 4.6.10.

I have an Email Subscribers sign up widget on the right sidebar. It automatically adds subscribers to the “WebSubscriber” list.

New users are usually created when they make a purchase through Woocommerce and are assigned the “Customer” role. I have a Workflow that adds those new Users to the “Customer” list.

No where do I have any form or workflow that adds subscribers to the “Test” list.

The hackers are somehow able to use the Email Subscribers form and choose their own list (even though I have this feature disabled). They are also inserting a spam URL into their name field. I have 621 new fake subscribers since this started on about 8-Feb.

Thank you

Hi @highrollerusa,

Thanks for giving us more information related to the issue.

We are able to replicate this issue at our end and working on a fix for it.

The fix should be available in the next release.

Thanks for your coordination and support.

Wonderful! Thank you for addressing this quickly. I look forward to the next release.

Hi there,

We have released a new version(4.6.12) of the Email Subscribers plugin which addresses this issue. This new version adds an extra layer of security to reduce such spam subscriptions.

Please update to the latest version and let us know if how it goes.

Thank you! I have had no spam subscriptions since the update. Thanks for your work.

Hi,

Thanks for this post as I’ve been going through the same situation without noticing (till today) and I wanted to share my case and worries.

The issue is that today updated my WordPress blog to 5.7 and also updated this plugin to the last available version (4.6.12.1, sstill not compatible with 5.7). When checking the configuration of the plugin, I noticed that my subscriber list growed from 180 to 1500 during February, and believe me, that was not possible as I haven’t post in the last two months and I simply have a basic suscription widget in the sidebar of the blog.

In fact they have used same nicks as the ones shared by @highrollerusa and a lot of fake (or robbed) email accounts.

Very worried with this, I’ve manually removed all these new suscriptors from the list and I will monitor there are no more similar suscriptions in the following days after the update of the plugin. Hope they’ve not taken control of the email delivery functionality of the plugin within the past weeks :-S.

So the update completely solved this spam attack issue @highrollerusa?

Thanks very much in advance.

Best regards,
Miguel

Hi @lonifasiko, yes the latest update (4.6.12+) mentioned by @kishanranawat solved the problem for me. No new spam sign ups at all. I think you should be good.

I do really appreciate your fast response. In any case, I will keep an eye on this. Thanks very much!