Jump to content
Ancient Clan
  • entries
    96
  • comments
    103
  • views
    97,760

vBulletin.com has been hacked

Sledgstone

2,825 views

I received this email today:

Quote

This is an important message about your account.

We take your security and privacy very seriously. Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password. Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your account.

To regain access to your account:

  1. Visit the vBulletin forums at http://www.vbulletin.com/settings/account
  2. Enter in your existing password followed by your new password, twice for confirmation.
  3. Save this page at the bottom.

Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you chose a password that you are not using on any other sites.

If you have any additional questions or concerns, please feel free to contact our support team at http://www.vbulletin.com/go/techsupport or support@vbulletin.com.

Sincerely,

Wayne Luke,

vBulletin Lead Technical Support.

Helping You Build Better Communities,

After logging into vbulletin's site, I changed my password and checked out the client forums. vBulletin's software was compromised, again.

Earlier this year, PCGamers forum was hacked and then earlier in July, Ubuntu forums was hacked. And just the other day vbulletin.com, vbulletin.org and MacRumors were all hacked. All of the sites were running vbulletin software.

References:

http://blog.canonical.com/2013/07/30/ubuntu-forums-are-back-up-and-a-post-mortem/

http://www.macrumors.com/2013/11/12/macrumors-forums-security-leak/

https://www.facebook.com/inj3ct0rs/posts/611793255548704

http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4007195-important-message-regarding-your-account

http://www.vbulletin.org/forum/showthread.php?t=304626

I'm glad we stopped using this software when we did. vbulletin.org runs vb 3 which is what we were running in the end before switching to Invision Power Board. If vb3 is now vulnerable, then all the numerous sites still using it are at risk. Anyone that has used the same password on all sites, should not use any password they have previously used on any vBulletin site.

The Ubuntu and MacRumors sites were hacked because a moderator account was broken into. The vBulletin.com and vBulletin.org sites have not stated how they were hacked into, nor do they have a fix for this exploit because it is "being looked into."



0 Comments


Recommended Comments

There are no comments to display.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Add a comment...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



  • Recent Status Updates

    • Sledgstone

      I finished reading LoTR The Two Towers a couple weeks ago after taking a long long break on reading it. It felt like Frodo and Sam were walking forever to Mordor. That part was so long and boring.  I'm glad its over with. When they finally got attacked by the spider I was thankful something was actually happening. Now I'm reading Return of the King and my god this is moving at such a better pace. The attack on Gondor is happening now. After I'm done with this book I'm going to re-watch the entire movie trilogy again.
      · 5 replies
    • DeathscytheX

      Muh feels! 😭 Fruits Basket has been so good, but ugh. Two eps on Uotani and Kyoko. Why'd Kyoko have to die? It's just a sad fact at first, but now that they gave her character so much depth with Uotani's recollection it hurts. The New Years ep would have been even worse if I knew her like I do now.
      · 2 replies
    • Sledgstone

      And now my skyscale collection needs jumping puzzles. I knew it was coming but still... x_x
      · 5 replies
    • Strider Hiryu

      So yea Fire Force is pretty fucking amazing and you should all be watching it. Not entirely sure what else to say about it outside of the fact its animated by the guys that did Soul Eater, it's out special teams of fire fighters that fight literal fire demons (well humans turned into infernals as they call them) using pyrokinetic powers (or none at all in the case of some of them), and it's everything I didn't know I ever wanted wrapped up in an anime. Yea, I'm extremely onboard with this show. I'm just sad episode 3 is delayed for a week but it's completely understandable considering the tragic loss of life this week with the KyoAni fire.
      · 5 replies
    • Sledgstone

      I checked error logs but I couldn't find anything. So I changed a couple settings for the gallery and did a couple test uploads. One image loaded fine, the other upload was 3 images at once. Everything worked ok. One of the issues might have been a file size limitation. Anything around 4mb might have been timing out. I increased the upload size for all usergroups. If anyone wants to test some image uploads, go for it. 10 mb is now the largest image the forum will take at the moment. All of my test images were no bigger than 1.5 mb. We still might get an image upload timing out for large images but that might be a hard server setting I'd have to look for.
      · 9 replies
  • Topics

×
×
  • Create New...