LemonGrenade

Thanks @Marc Stridgen I've removed some 3rd party apps already and kept the ones that are only really needed!

Indeed, but it wasn't him.

Yep understood, but it was new content, plus the post itself was a very 'hacked' type message.

The user had no account previously and posted as a guest in a member post protected forum.

Thanks, @Marc Stridgen There isn't any guest posting anywhere, there never has been, which is why I was so concerned. It did move forum, because I moved it to a moderating forum, and then moved it back for you to check. I did slightly doubt that it was the board, as you guys would know about it way before, and obviously, others would be saying the same thing. I would agree and suspect it may be a third-party app, but without the marketplace hooked up in admin now and no notifications of updates, I wouldn't know where it could be from. Plus all devs are spread on sites around the internet now, which makes it so much harder when things like this occur and looking for updates. Thanks for looking into it anyway.

Changed. Thanks.

I sent the link via PM @Marc Stridgen If the site is open security-wise, I'd rather not add the site to a public post.

This morning I found a new random post in a forum that is locked to member-only posting, there is no genuine way a guest could post in there. Any other reports of this happening to anyone? It hadn't happened before today.

Tested, both Giphy and Tenor embed if just copying and pasting image link. It's probably worth deactivating completely then in admin and letting users go fetch them if needed! The next move would be them maybe blacklisting the forum if using too many but there we go!

Seems like a lot of work and not sure if possible. The easiest way going forward is just deactivate the function so it isn't using the API and just tell users to embed via Giphy. I tried Tenor but that doesn't seem to embed. In fact, maybe Giphy won't embed if deactivated.

Am just coming back to update this topic. As I thought, our forum has been contacted because we have hit some kind of limit on GIF bandwidth with Giphy and now we can either pay a fortune for a premium account or run an SDK via Giphy with adverts. I am very surprised others haven't been contacted yet. Remember, all gifs on older posts will still be using Giphy bandwidth, and over time as more get added, that will build up; before you know it, you will either have to pay or try and work out how to add the SDK to Invision and have the pleasure of running Giphy ads. I'm still in talks with them but looks like am going to have to deactivate it. This is something to keep in mind if you have it running on your forum, and also something for Invision to bear in mind with IPB 5 down the line. If it is something forum owners are going to have to deactivate later on, it might not be worth even having it running in the first place.

It's legit! Wondering now if the SDK will be easy to build in and what sort of display the ads will show. It may have to be deactivated completely depending on the ad frequency. @Marc Stridgen @Jim M It may be possible that I have received this as our forum has hit some kind of limit on the number of gifs being shown (it gets used a lot) so will reply and confirm that with them if I can.

I thought that but can't see anything dodgy in the header. I'll ask Giphy if I can and report back.

It's strange too cause it's actually coming from the @giphy.com email address.