• entries
    96
  • comments
    103
  • views
    78,324

vBulletin.com has been hacked

Sledgstone

2,664 views

I received this email today:

Quote

This is an important message about your account.

We take your security and privacy very seriously. Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password. Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your account.

To regain access to your account:

  1. Visit the vBulletin forums at http://www.vbulletin.com/settings/account
  2. Enter in your existing password followed by your new password, twice for confirmation.
  3. Save this page at the bottom.

Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you chose a password that you are not using on any other sites.

If you have any additional questions or concerns, please feel free to contact our support team at http://www.vbulletin.com/go/techsupport or support@vbulletin.com.

Sincerely,

Wayne Luke,

vBulletin Lead Technical Support.

Helping You Build Better Communities,

After logging into vbulletin's site, I changed my password and checked out the client forums. vBulletin's software was compromised, again.

Earlier this year, PCGamers forum was hacked and then earlier in July, Ubuntu forums was hacked. And just the other day vbulletin.com, vbulletin.org and MacRumors were all hacked. All of the sites were running vbulletin software.

References:

http://blog.canonical.com/2013/07/30/ubuntu-forums-are-back-up-and-a-post-mortem/

http://www.macrumors.com/2013/11/12/macrumors-forums-security-leak/

https://www.facebook.com/inj3ct0rs/posts/611793255548704

http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4007195-important-message-regarding-your-account

http://www.vbulletin.org/forum/showthread.php?t=304626

I'm glad we stopped using this software when we did. vbulletin.org runs vb 3 which is what we were running in the end before switching to Invision Power Board. If vb3 is now vulnerable, then all the numerous sites still using it are at risk. Anyone that has used the same password on all sites, should not use any password they have previously used on any vBulletin site.

The Ubuntu and MacRumors sites were hacked because a moderator account was broken into. The vBulletin.com and vBulletin.org sites have not stated how they were hacked into, nor do they have a fix for this exploit because it is "being looked into."




0 Comments


There are no comments to display.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now


  • Recent Status Updates

    • Sledgstone

      I've been too busy with moving and stuff. I didn't realize facebook login crippled the front page of AC unless you were logged in. I don't know when that started happening, but I've disabled facebook and twitter login for now until I have the time to resolve the issue.
      · 1 reply
    • Sledgstone

      I never want to move again. Almost every day for the last week has been rain and it's raining even now. It's hard to believe how much stuff two ppl can accumulate over 18 year's until you have to move it all under a time restriction.
      · 1 reply
    • Sledgstone

      Thanks Spectrum/Time Warner for shutting off my services in the middle of the work day. fml. I scheduled the new account activation at my new house for this weekend and for the old account at the house I'm renting to terminate as of monday.. so what does Spectrum do? Shut my account down 1 day before the new account is activated and a full 4 days before it was scheduled to close. wtf. It took me 40 mins on the phone for them to reactivate my internet so I could finish working. wtf.
      · 2 replies
    • DeathscytheX

      With the summer simuldub season coming to a close, it played out like I predicted more or less. I'll wait a bit longer before I post my review. Pretty lackluster overall. But for me, the Fall Lineup is pretty stacked. Fairy Tail, SAO Season 3, and Black Clover continues which has become a lot more promising after this last arc I just watched... by far its strongest and most compelling. I watched the first episode of Double Decker! Doug & Kirill which was entertaining, and SSSS.GRIDMAN seems to be a Pacific Rim clone. Overall a return to more action adventure series, and lighter on the fan service heavy series.
      · 13 replies
    • Sledgstone

      Finally got our house today. All the legal paperwork is done and keys in hand.
      · 2 replies
  • Topics