• entries
    96
  • comments
    103
  • views
    71,082

vBulletin.com has been hacked

Sledgstone

2,330 views

I received this email today:

Quote

This is an important message about your account.

We take your security and privacy very seriously. Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password. Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your account.

To regain access to your account:

  1. Visit the vBulletin forums at http://www.vbulletin.com/settings/account
  2. Enter in your existing password followed by your new password, twice for confirmation.
  3. Save this page at the bottom.

Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you chose a password that you are not using on any other sites.

If you have any additional questions or concerns, please feel free to contact our support team at http://www.vbulletin.com/go/techsupport or support@vbulletin.com.

Sincerely,

Wayne Luke,

vBulletin Lead Technical Support.

Helping You Build Better Communities,

After logging into vbulletin's site, I changed my password and checked out the client forums. vBulletin's software was compromised, again.

Earlier this year, PCGamers forum was hacked and then earlier in July, Ubuntu forums was hacked. And just the other day vbulletin.com, vbulletin.org and MacRumors were all hacked. All of the sites were running vbulletin software.

References:

http://blog.canonical.com/2013/07/30/ubuntu-forums-are-back-up-and-a-post-mortem/

http://www.macrumors.com/2013/11/12/macrumors-forums-security-leak/

https://www.facebook.com/inj3ct0rs/posts/611793255548704

http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4007195-important-message-regarding-your-account

http://www.vbulletin.org/forum/showthread.php?t=304626

I'm glad we stopped using this software when we did. vbulletin.org runs vb 3 which is what we were running in the end before switching to Invision Power Board. If vb3 is now vulnerable, then all the numerous sites still using it are at risk. Anyone that has used the same password on all sites, should not use any password they have previously used on any vBulletin site.

The Ubuntu and MacRumors sites were hacked because a moderator account was broken into. The vBulletin.com and vBulletin.org sites have not stated how they were hacked into, nor do they have a fix for this exploit because it is "being looked into."




0 Comments


There are no comments to display.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now


  • Recent Status Updates

    • Sledgstone

      Even in the last couple chapters of Fairy Tail, people that just died are brought back to life again.. At least a main bad guy is getting a proper ending now with one last big fight. Only 5 chapters left. Knowing how this manga is going, I'm guessing everyone will win with the power of friendship, or the author will be the ultimate troll and have the bad guy win and kill everyone. lmao. If he did that it would piss off everyone. I kind of hope it happens. I'm rooting for evil to win.
      · 1 reply
    • DeathscytheX

      wtf... Its 6v1 on WvW this week... both of our opponents are triple link servers. How is that even fair? We're getting destroyed in skirmishes because they K-train the whole map. They can't fight worth anything because were were farming them hard. But every time we dug out of last place we were instantly back in it within seconds of taking a keep or tower. They probably have like 3 commanders from each server zerging around the map capping stuff. How did Tarnish Coast get so bad that it needs 2 servers linked to it? Feels like not too long ago it was the weekly battle of JQ/BG/TC.
      · 2 replies
    • DeathscytheX

      Well I guess I put off buying a video card for too long. All the prices have skyrocketed by 50% or higher because of some bullshit ethereum mining thing. I'm def not paying these prices. I was planning on doing it next month when I financially had a chance to do so. I guess I'll have to hope my video card last a bit longer.
       
      · 5 replies
    • DeathscytheX

      The older I get, the more I dislike the general public. I was never Mr. Popular in school because I kept to myself and felt that the upper echelon of the social order was so trivial. I can befriend just about anyone of any type of values/background. But overall my circle of friends is pretty small, and always has been.

      I say all that to say this... holy shit why are people so fucking stupid on the internet? I'm pretty new to this whole reddit/facebook groups thing. I remember running around anime forums as a 14-15 year old shooting off at the mouth like I was hot shit... but these are grown ass adults that don't have a fucking clue what they are talking about, nor do they want to learn.
      I see all these morons on the GW2 facebook group asking dumbshit questions you can easily look up yourself on wiki or youtube... The GW2 community has the best community of YT guide makers of any game... quite literally there are the most pointless guides for even the biggest imbeciles.  Taking 5 steps in a straight line from a waypoint to get to a POI? You better believe there is a YT video on how to do it! Just type in the name of the POI and at least 5-6 20 sec-1min videos will pop up. You could have tabbed out of GW2, or pulled out your phone and looked that bullshit up and got it done w/o wasting your time posting a question in a facebook group and waiting for someone to respond. I mean what the actual fuck? Then they get butthurt when someone posts the link to the wiki, and people actually coddle this fool like we shouldn't tell him to try harder to help himself? I almost left the group because of that because it was the second time in two days I saw it. Kumbaya shit pisses me off, and as a society its lead to the everything is offensive/racist/bigoted/cruel. Sometimes people have to feel like people think they're stupid to better themselves. Its called learning the hard way, and I've done a lot of it myself.
      Then you have assholes telling you about the class you main, and they have no fucking clue how the class works.... because they don't even play it. They main another class. Its obvious by what they're spewing out, by leaving out various aspects of the class while giving out vague descriptions... then a lot of times saying something that's completely false.
      But this is just a side note really, what set me off on this rant today is another facebook group. I'm a EDC nut. I own multiple guns, pocket knives, and flashlights. I recently got into a group about a particular brand of knife I enjoy. Overall its a great group that gives me good ideas about future purchases I might make. I recently ordered a knife that is an upgraded version exclusive from a certain knife retailer. It has a high tier quality blade steel, making the knife double the cost of the standard version. Even then at $80, this steel is normally only found on pocket knives that are $220-400. Its one hell of a deal. So this new guy that joined the group asks in a comment reply why would anyone pay double the price for this knife when he got it for way less. I explained to him what the deal was, because that's what the group is for... sharing knowledge and opinions. He never responded so I figured he understood and moved on.... then later down the comments I see him ask the question again... Another member tells him about the steel, and I follow up explaining that its an exclusive version of the knife only sold by that particular retailer, and I even go into why that steel is special and its characteristics. Once again no acknowledgement. He later makes his own post, posting the basic version of this knife that he owns, and someone asks him what version it is, and he states he just found out that there are more than one version of his knife and asks AGAIN why is there a one doubled in price.... this all took place in the span of 17 hours. I mean did you not fucking read mine and other peoples explanation? You read it enough to know there was more than one version! Holy shit.... Why are you so fucking ignorant? Is your mental retention that bad? How did you even manage make it back to the facebook group two days in a row?
      I'm not really raging, even though it sounds like it. It just bothers me that people act this helpless. The internet has made people even more lazy despite the fact that there is a wealth of knowledge to be had. I've learned a shit ton using it, whether it be about science, history, or my very own hobbies. I mean how do these people even pay their internet bill? Did they post on their ISP's forum to ask how to do it? Google is a powerful tool to find quick answers to everything. It requires way less clicks. Use groups and reddit for opinion discussion... not for basic questions that you need to find on your own. You just look like someone that could drown in the shower.
      · 2 replies
    • Sledgstone

      I wish amazon would indicate if something is being shipped from out of country. The last 2 items I've purchased were both prime eligible and both gave the impression there would be 2 day shipping, until I get to the checkout and 'free 2 day shipping' has a delivery date of 1 week later. Still no indication as to why until I get the UPS tracking number and find out the item is being shipped from Canada. I haven't had anything from amazon actually arrive in 2 days in over 8 months.
      · 11 replies
  • Topics