• When you click on links to various merchants on this site and make a purchase, this can result in this site earning a commission. Affiliate programs and affiliations include, but are not limited to, the eBay Partner Network.

Trouble with Comiclink Website?
10 10

Started by Dick Pontoon,

266 posts in this topic

alecholland

alecholland

Posted
Posted
On 8/4/2023 at 11:13 AM, frank_newman said:

Put in a bid for the first time since the downtime and got this:

image.png.403a6e8f95b377917abc59c7b8da95b1.png

God bless.

Is it even safe to login to their website yet? I won a book in the auction that just ended and would like to pay for it, but I don't think I want to use their website to pay and I haven't received an email confirming that I even won the book yet.

IMHO this is completely unacceptable. Down this many days and not a word from CL to let their customers know they are working on the issue and whether it is even safe for people to visit and login to their website. It makes me very wary of being a customer in the future. 

Link to comment
Share on other sites
Chaz G.

Chaz G.

Posted
Posted
On 8/4/2023 at 12:46 PM, alecholland said:

IMHO this is completely unacceptable. Down this many days and not a word from CL to let their customers know they are working on the issue and whether it is even safe for people to visit and login to their website. It makes me very wary of being a customer in the future. 

Agreed. Why should anyone support a site that doesn't have the common decency to post a small note, "Hey, we've been having issues. We're working on it. Thanks, for your Patience!"

Still, I do hope I win the Incorrect Syntax Near . . . :banana:

Link to comment
Share on other sites
wiparker824

wiparker824

Posted
Posted
On 8/4/2023 at 9:46 AM, alecholland said:

Is it even safe to login to their website yet? I won a book in the auction that just ended and would like to pay for it, but I don't think I want to use their website to pay and I haven't received an email confirming that I even won the book yet.

IMHO this is completely unacceptable. Down this many days and not a word from CL to let their customers know they are working on the issue and whether it is even safe for people to visit and login to their website. It makes me very wary of being a customer in the future. 

It’s not recommended. Any site compromised like this (which it still is as of this morning people reporting being redirected) can send the payload including CC to the attacker with the redirect. It’s really just a matter of if that payment page is a page with open vulnerabilities or not. The redirects are worse than the errors people are reporting, the errors are likely attempts to patch gone wrong and look like just syntax errors. 

Link to comment
Share on other sites
namisgr

namisgr

Posted
Posted

It's still working for me.  I can bid on a comic, have the new bid recorded and the new winning price shown with the thumbnail front cover photo where it always is.  Just at the top right, it also has this message: 

There was an error during processing of requested page.
Number:          0x80040E14
Category:        Microsoft OLE DB Provider for SQL Server
File:            /auctions/item.asp
Line, column:    644, -1
Description:     Incorrect syntax near ','.
ASP Description:

All the books I've bid on still show up on my 'books you've bid on' list as per usual, and this page also reflects new bids I've just now placed.

Link to comment
Share on other sites
brettfes

brettfes

Posted
Posted (edited)

so what do we think the state of the site is for tonight? its clearly a s**t-show, but going forward no matter what... which seems, well... lmfao.... not bidding but curious.

 

Edited by brettfes
Link to comment
Share on other sites
Mmehdy

Mmehdy

Posted
Posted
On 8/4/2023 at 11:09 AM, brettfes said:

so what do we think the state of the site is for tonight? its clearly a s**t-show, but going forward no matter what... which seems, well... lmfao.... not bidding but curious.

 

I would proceed with caution and avoid it until some update detailing what has occurred and what risks are involved in using the site while it is being either attacked or compromised. Just a simple  it is OK would do as I would believe them.

Link to comment
Share on other sites
namisgr

namisgr

Posted
Posted

I plan to continue to use it to try to buy books at auction as before.  As for concern over compromised information, I don't have any on the site as I use checks for payment and haven't given them a credit card number.

Link to comment
Share on other sites
jimbo_7071

jimbo_7071

Posted
Posted
On 8/4/2023 at 2:21 PM, Mmehdy said:

I would proceed with caution and avoid it until some update detailing what has occurred and what risks are involved in using the site while it is being either attacked or compromised. Just a simple  it is OK would do as I would believe them.

 

On 8/4/2023 at 2:38 PM, namisgr said:

I plan to continue to use it to try to buy books at auction as before.  As for concern over compromised information, I don't have any on the site as I use checks for payment and haven't given them a credit card number.

I might trust them with a check, but I wouldn't trust them with a credit card at this point. I had an expired credit card stored on the site. I just deleted it, but even though it was expired, I'm going to be watching for suspicious activity on that account. (For my last order, CGC was able to bill my account even though I had not updated my expiration date and security code on the CGC site; the initial charge was incorrect because they had not deducted the $150 grading credit that I had with them, but they fixed that promptly when I brought it to their attention. What concerns me is that they were able to bill my account at all after my card had expired. So now I really don't trust expiration dates.)

Link to comment
Share on other sites
davidking623

davidking623

Posted
Posted

I am able to go to the auction this time this early afternoon without being directed , but did notice the auction date listings not there for the days they were down/crashed .I was able to make a bid without being directed to other sites . My Time 12:15 pacific .

Link to comment
Share on other sites
Buzzetta

Buzzetta

Posted
Posted

I did the same as a few of you.  I logged in and immediately erased my cc information that was stored on file.  Those cards were expired anyway or cancelled after the accounts were previously compromised but I figured it would be better to erase them anyway. 

Link to comment
Share on other sites
bc

bc

Posted
Posted

If this was a hardware/network failure, then the risk of exposing PPI is very low.

You guys do realize that if this is a malware attack, you should not be logging into your account at all which could expose your credentials while they are still "recovering"?

With an outage this long, expect all information to already be archived and copied to a private server. Now they sit back and harvest your credentials that they can use against the copy they have to expose all your personal data. Pretty basic hacking technique actually.

The fact that they have not communicated a fairly detailed reason for the extended outage leads me to believe that 3rd parties have been brought in.

-bc

Link to comment
Share on other sites
wiparker824

wiparker824

Posted
Posted (edited)
On 8/4/2023 at 1:07 PM, bc said:

If this was a hardware/network failure, then the risk of exposing PPI is very low.

You guys do realize that if this is a malware attack, you should not be logging into your account at all which could expose your credentials while they are still "recovering"?

With an outage this long, expect all information to already be archived and copied to a private server. Now they sit back and harvest your credentials that they can use against the copy they have to expose all your personal data. Pretty basic hacking technique actually.

The fact that they have not communicated a fairly detailed reason for the extended outage leads me to believe that 3rd parties have been brought in.

-bc

Which is exactly why you don’t just operate business as usual and leave the site up during the recovery portion, more people log in, more credentials potentially taken. It’s actually that which tells me they probably don’t have a 3rd party involved, because any real company brought in to handle this situation would not have the site live in its current state. 

Edited by wiparker824
Link to comment
Share on other sites
bc

bc

Posted
Posted
On 8/4/2023 at 4:19 PM, wiparker824 said:

Which is exactly why you don’t just operate business as usual and leave the site up during the recovery portion, more people log in, more credentials potentially taken. It’s actually that which tells me they probably don’t have a 3rd party involved, because any real company brought in to handle this situation would not have the site live in its current state. 

I agree 100%

But what makes you think that Clink has been actually operating the site?

-bc

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
10 10
Go to topic listing