Unauthorized user accounts

[luciano991]

Good morning. Today I have received a number of emails from my Joomla! sites indicating that hackers had created user accounts. This happened on sites where user registration is not permitted. And it happened on sites that have been upgraded to 3.6.4. One thing we can do in the User options is to make sure account activation is set to Administrator and not self. I don't think the hackers have figured out how to activate the accounts yet. This is a long standing bug in Joomla! and it's a travesty that they haven't fixed it yet. 

Mark