• entries
    96
  • comments
    103
  • views
    70,657

vBulletin strikes again.. PC Gamer Forums

I haven't liked vBulletin for some time now and mostly put that forum software behind me except for the occasional jab about how bad their software is. I came across this interesting update from PC Gamer the other day... with a part that I emphasized:

http://www.pcgamer.com/2013/07/26/why-forums-and-comments-are-still-offline/

Quote

Why forums and comments are still offline

You may have noticed that the forums and comments have been switched off for the past few days. On Friday 19th July one of our trusted moderators reported suspicious activity within the forums. They had discovered what appeared to be a script hidden in a forum announcement post. The script had been designed to steal users’ details (including password and date of birth) when clicked.

As a precaution our IT security team took immediate steps to close the forum to block the attack and fully investigate the extent of the intrusion. At this point we became aware that a small group of admins and moderators had their accounts compromised, the first of which had been used to post the malicious script.

It’s important to note that at this point our IT security team’s investigation has revealed that no other user data has been compromised, but it’s taken a few days to precisely pinpoint the problem so we can start plugging it and get everything back up and running. Apologies for the down-time; we’re being super-careful to ensure that the issue’s totally squashed before bringing things back online. All other site functionality that required user login will also remain inaccessible for the time being including new sign-ups to Gamer Rank.

There’s good news for fans of heated debate and occasional cat jokes, though. An interim solution will go live shortly that’ll bring back comments on article posts, so discussion can return to PCGamer.com. Praise the sun. It’s been spookily quiet around here.

The forum will take a little longer to return – especially as we will be reviewing our choice of forum software – but rest assured, we have our finest site surgeons on the case. We’ll let you know as soon as everything’s clear. Thanks again for your patience. We hope to get everything ship-shape as soon as possible so that normal service can resume.

For the official corporate line read below:

On Friday July 19th we were alerted to suspicious activity on PC Gamer forums by one of our moderators. This involved the posting of a malicious script into a forum post which, if clicked, could have stolen a user’s username, password and date of birth.

We took immediate action by closing down the PC Gamer forums and disabling user login. As a preventive measure we also closed all other forums within the Future network which use the same forum software, vBulletin.

Subsequent investigations into the extent of the intrusion on PCGamer have revealed the following:

- A small number of admin and moderator level passwords have been compromised. These were immediately dealt with on Friday July 19th.

- There is no indication in our logs which suggest any other user’s data has been compromised.

In light of this we are now investigating whether any of our other forums have been compromised using a similar exploit although we must stress at this point there is nothing to suggest any of other forums beyond PCGamer were targeted.

We will also be using this investigation period to review our choice of forum software to ensure chances of future attacks are as low as is possible.

Please visit the host site of your forum for any further information on the resuming of forum service.

We apologise sincerely for any inconvenience this outage is causing.

http://mos.futurenet.com/forum/

Quote

Important security update about Future forums

PC Gamer

Last week on the 19th July 2013 we discovered that PC Gamer's vBulletin-powered forum had been the target of a malicious attack. Immediate action was taken to shut the forum which blocked the attack and we have since been thoroughly investigating the damage done and how this attack took place.

We have no evidence that any of the PC Gamer's users' details were stolen. However we feel it is safest to keep the forum closed until we are satisfied that the security vulnerability in the software is fixed. Information on the progress of this will be communicated via the PCGamer site.

Other Future Forums

If you are seeing this message it is because this vBulletin forum has been closed as a precautionary measure. We have no evidence this forum has been compromised, however we are investigating each forum in our network individually to be sure this is the case.

The website teams will be in touch with more information on the progress of this as soon as it becomes available.

We are truly sorry for any inconvenience caused, we take our user's security very seriously and we appreciate your patience.

I don't visit PC Gamer's website, so I'm not certain what version of vB they were using, but this is pretty huge. The took all of their entire network's vBulletin powered forums offline because it was exploited.

Well PC Gamer, I suggest you switch to Invision Power.

vBulletin has really gone downhill and I'm glad we stopped using their software when we did.




4 Comments


UBB 4-LIFE XD

Thats pretty shitty though. vB use to be a great product. We had some good times under that format. Heck the Station Syndicate project ran under it and SS Radio was a blast to mess with.

Share this comment


Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now


  • Recent Status Updates

    • Sledgstone

      Fairy Tail is officially ending. Only 10 chapters left. This writer turned this series into garbage plot lines. I'm genuinely pissed at this manga now. Not because favorite characters are being killed off like most manga/animes do at the end.. Not that any main characters at this point are in any real threat of dying since every character seems to be immortal. Being mad like that would be a good thing since it means I feel for the characters and the overall plot.. But instead I'm mad because the writer threw so many random plot lines into the story over the last year that its become laughable like a bad soap opera. All long term plot lines are pretty much negated and last minute characters and plot lines now resolve everything.. something that was just revealed 10 chapters ago now solves half the danger to the planet that has been build up as an ultimate power throughout the last 400 chapters. wtf.
      I'll compare this to DBZ. Imagine all that build up how powerful Freeza was.. but then right before Goku is going to fight him, Krillin found some magic orb and then Bulma kicked it at Freeza and killed him. No big fight with Goku, no planet namek getting destroyed.. hell, Goku never even met Freeza. Thats the equivalent of what just happened. WTF.
      · 7 replies
    • Sledgstone

      I did a minor upgrade to the site today, but a couple of themes are not running the most recent build so there might be a few issues with the text editors or some links not displaying everything 100% properly. If anyone notice any discrepancies, let me know.
      · 1 reply
    • DeathscytheX

      Looks like Overwatch is having a free weekend the 26-29th. Noobs everywhere. 
      · 1 reply
    • Sledgstone

      GW2 had a balance patch yesterday and my necro had 2 specific skills changed. Epidemic got nerfed, and plague form got turned into plaguelands. I tried them both out last night. In a small mob of enemies epi looks like it works about the same, but I need to test it out more thoroughly. I haven't used the plague form in over a year, but when I did use it, it was for pvp and wvw because it gave stability and basically guaranteed an un-interrupted enemy stomp. Now it is a completely different skill that makes a small aoe field that pulses massive conditions. When I used it on a mob, that mob melted faster than anything. Holy crap. But even with my traits set to reduce cool down on corruption skills, I can only use this skill every 80 seconds. This skill is only useful against large zergs of strong enemies and bosses. This skill was designed specifically for raid bosses imo. Its aoe is too small and the cool down too high for normal pve. I'd rather keep flesh golem on for the cc against champs and legendary enemies. Sure plaguelands can pump out the damage, but the utility of flesh golem cc is too good to give up for me.
      · 0 replies
    • Sledgstone

      It feels like I've had constant appointments for the last month that keep eating into all my free time. Even this week I have at least 3 places to go during work hours causing me to make up time during my free time. x_x Tomorrow I need to go back to the tire shop. I got my summer tires mounted and balanced on thursday and by late saturday afternoon I'm getting a helicopter kind of air sound from my front left tire. "whoosh whoosh whoosh". I thought I had a bearing going, but I got my breaker bar out and sure enough the lug nuts weren't tight. wtf. First time I've ever had this tire place screw up a mounting before and I've been going to them for over 14 years. I tightened them up but I'm still getting a bit of sound while driving. I don't feel like hauling my 3 ton jack out of my basement so I"ll go back there tomorrow. I'm pretty certain they're going to have to lift the car and re-center the tire.
      · 4 replies
  • Topics