Attack Report: SPAM emails (June 04, 2022)

Today, after we released the new version of Vemto, we realized that we had suffered a recent attack on our registration page, which, due to a bug, was not working properly with Throttle (to prevent multiple users from being registered in sequence).

Because of this, thousands of SPAM emails were sent through our email [email protected]

If you have received one of these emails, please ignore them.

The title of the email is "Vemto now supports Nova 4 šŸ”„" and the content is similar to the image below, but may contain meaningless names, links and phrases in the welcome message.

If the email you received contains any links other than the common Vemto download button, DO NOT CLICK ON IT!

If the message is exactly like the image below, with only your name, version description, and the "Download latest version" button, IT IS SECURE and you can click on it without problems.

We have already taken steps to prevent this from happening again:

  • We've tightened the validation so it doesn't allow usernames with links
  • We fixed the bug in Throttle so that the registration page can be accessed a maximum of 5 times per minute
  • Added Anti-SPAM validation
  • We sent emails to everyone who received the wrong emails
  • We deleted the emails from the attack from our database

Thank you for your understanding and we will be happy to answer any questions you may have.

Tiago Rodrigues

by Tiago Rodrigues

Software Developer. Creator of Vemto. Find me on Twitter.


A Desktop Laravel code generator that will power the way you start new Laravel Projects.
More Details