• entries
    96
  • comments
    103
  • views
    70,232

vBulletin.com has been hacked

Sledgstone

2,267 views

I received this email today:

Quote

This is an important message about your account.

We take your security and privacy very seriously. Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password. Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your account.

To regain access to your account:

  1. Visit the vBulletin forums at http://www.vbulletin.com/settings/account
  2. Enter in your existing password followed by your new password, twice for confirmation.
  3. Save this page at the bottom.

Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you chose a password that you are not using on any other sites.

If you have any additional questions or concerns, please feel free to contact our support team at http://www.vbulletin.com/go/techsupport or support@vbulletin.com.

Sincerely,

Wayne Luke,

vBulletin Lead Technical Support.

Helping You Build Better Communities,

After logging into vbulletin's site, I changed my password and checked out the client forums. vBulletin's software was compromised, again.

Earlier this year, PCGamers forum was hacked and then earlier in July, Ubuntu forums was hacked. And just the other day vbulletin.com, vbulletin.org and MacRumors were all hacked. All of the sites were running vbulletin software.

References:

http://blog.canonical.com/2013/07/30/ubuntu-forums-are-back-up-and-a-post-mortem/

http://www.macrumors.com/2013/11/12/macrumors-forums-security-leak/

https://www.facebook.com/inj3ct0rs/posts/611793255548704

http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/4007195-important-message-regarding-your-account

http://www.vbulletin.org/forum/showthread.php?t=304626

I'm glad we stopped using this software when we did. vbulletin.org runs vb 3 which is what we were running in the end before switching to Invision Power Board. If vb3 is now vulnerable, then all the numerous sites still using it are at risk. Anyone that has used the same password on all sites, should not use any password they have previously used on any vBulletin site.

The Ubuntu and MacRumors sites were hacked because a moderator account was broken into. The vBulletin.com and vBulletin.org sites have not stated how they were hacked into, nor do they have a fix for this exploit because it is "being looked into."




0 Comments


There are no comments to display.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now


  • Recent Status Updates

    • Sledgstone

      I watched "Dragon Blade" this weekend. A great Jackie Chan movie, mostly subtitled. Really depressing and really good. The pacing of the movie was amazing to me. So much happened in 2 hours that it felt like some epic trilogy condensed down to 1 movie with all the boring parts removed.
      · 0 replies
    • DeathscytheX

      I'm starting to get really good with Genji. I got gold in eliminations several times tonight, and carried at 51% kill participation in one of my matches. And with a buff to his ult in the pipeline, I won't have to worry about my fun getting nerfed for a while. There are few things that feel amazing in this game. Hooking airborne Phara with Roadhog, Hooking Tracer with Roadhog, Killing a good Zarya period, and deflecting an ult back at the enemy team with Genji... because I totally got McCree good.
      · 0 replies
    • DeathscytheX

      That feeling soloing the boss with corpses cheering you on, because everyone else fell to their death on Thaumanova Reactor, and the boss has 30% HP left. I did it for the first time since the change. The heat room isn't that bad when done as a group. But having to do 4 rooms now makes it my least favorite even more so. I also had to do the Not So Secret JP again for Astralaria. WTF? Not So Secret and SW? The two worst JP in the game for this journey.  
      · 3 replies
    • Sledgstone

      My car is screwed up. It has an overheating issue but it doesn't show it as an issue. The radiator fan wont turn on unless my AC or heater is on. No check engine light or anything. After a long diagnosis at a dealership, they've concluded that the computer in the car itself is failing and needs to be replaced. Never had that happen to a car before. Its a hefty bill to get that swapped out. I could go cheap and buy a used part off ebay for $30-100 but I don't see the point when theres no way to test the damn things accurately considering mine is reading as functioning normally. wtf. Instead of trading in the car, I'll foot the $1k bill next week when the get the part in. I really don't want another car payment at this point.
      · 3 replies
    • DeathscytheX

      I feel sorry for anyone that wanted to buy a NES classic at retail price. The last of them will be shipped out til the end of the month. Never wanted one myself, but a lot of friends did. This is why emulators will always be a thing. 
      · 2 replies
  • Topics