vBulletin.com / vBulletin.org Hacked

Discussion in 'vBulletin Discussions' started by BamaStangGuy, Nov 14, 2013.

  1. BamaStangGuy

    BamaStangGuy Administrator

    Joined:
    Jun 23, 2009
    Messages:
    769
    Likes Received:
    549
    Location:
    Huntsville, AL
    https://www.facebook.com/inj3ct0rs/posts/611793255548704

     
    Last edited: Nov 14, 2013
    Autopilot and Brandon like this.
  2. Brandon

    Brandon Regular Member

    Joined:
    Jun 1, 2009
    Messages:
    6,601
    Likes Received:
    1,706
    Location:
    Topeka, Kansas
    First Name:
    Brandon
    If this really was the vbulletin.com database and file structure, that is AMAZING!!

    vbulletin-files.jpg

    vbulletin-database.jpg
     
  3. BamaStangGuy

    BamaStangGuy Administrator

    Joined:
    Jun 23, 2009
    Messages:
    769
    Likes Received:
    549
    Location:
    Huntsville, AL
    People on Flyertalk.com better be changing some passwords.
     
  4. Brandon

    Brandon Regular Member

    Joined:
    Jun 1, 2009
    Messages:
    6,601
    Likes Received:
    1,706
    Location:
    Topeka, Kansas
    First Name:
    Brandon
    huh?
    Is that one of your sites?
     
  5. BamaStangGuy

    BamaStangGuy Administrator

    Joined:
    Jun 23, 2009
    Messages:
    769
    Likes Received:
    549
    Location:
    Huntsville, AL
    Brandon likes this.
  6. cpvr

    cpvr Regular Member

    Joined:
    Aug 14, 2009
    Messages:
    3,219
    Likes Received:
    823
    Damn, talk about bad security. Good thing I stopped using vBulletin and switched to Xenforo.
     
  7. Brandon

    Brandon Regular Member

    Joined:
    Jun 1, 2009
    Messages:
    6,601
    Likes Received:
    1,706
    Location:
    Topeka, Kansas
    First Name:
    Brandon
    Iconic and Big al like this.
  8. CM30

    CM30 Regular Member

    Joined:
    Jul 1, 2012
    Messages:
    901
    Likes Received:
    500
    To be honest, I kind of expected something like this to happen at one point. vBulletin 5 bad coding + the amount of people who dislike Internet Brands = a disaster just waiting to happen.
     
    Big al likes this.
  9. Big al

    Big al Regular Member

    Joined:
    May 14, 2013
    Messages:
    1,093
    Likes Received:
    415
    Location:
    OZ

    If they stuck true to form they would just blame their customers for being stupid and buying VB. Without spending thousands of dollars and loads of time to make sure that VB could not be affected. Well this is what they did with VB5.
     
  10. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    Sounds to me like they forgot to remove their install files :whistle: Isn't that what they tell everyone else why they get hacked?:peeking:
     
    Big al likes this.
  11. BamaStangGuy

    BamaStangGuy Administrator

    Joined:
    Jun 23, 2009
    Messages:
    769
    Likes Received:
    549
    Location:
    Huntsville, AL
    krebsonsecurity has reached out to vB

    Screenshot 2013-11-14 21.17.11.png
     
    Autopilot, Big al and Brandon like this.
  12. signal500

    signal500 Regular Member

    Joined:
    Nov 5, 2012
    Messages:
    143
    Likes Received:
    114
    Guess they should have deleted the install folder...
     
    Autopilot and Big al like this.
  13. BamaStangGuy

    BamaStangGuy Administrator

    Joined:
    Jun 23, 2009
    Messages:
    769
    Likes Received:
    549
    Location:
    Huntsville, AL
  14. popowich

    popowich Regular Member

    Joined:
    Mar 10, 2009
    Messages:
    80
    Likes Received:
    8
    Location:
    Rochester, NY
    Any idea what the specifics are for "we are being PROACTIVE and changing our method of storing/checking member passwords" ?
     
  15. BamaStangGuy

    BamaStangGuy Administrator

    Joined:
    Jun 23, 2009
    Messages:
    769
    Likes Received:
    549
    Location:
    Huntsville, AL
    No idea. Feel free to ask her.
     
  16. Big al

    Big al Regular Member

    Joined:
    May 14, 2013
    Messages:
    1,093
    Likes Received:
    415
    Location:
    OZ
    Posted in public on VB.org:

    I read earlier that there had been over 35,000 hacks on vb sites. I do not understand all the techy stuff but it seems that VB has some serious security problems.
    But then what should we expect from a site that protects unethical staff members who support known and self confessed hackers.

    BirdOPrey5 once said I did not understand the word IRONY! Perhaps I understand it better now.
     
    Autopilot likes this.
  17. Iconic

    Iconic The Original

    Joined:
    Nov 2, 2011
    Messages:
    353
    Likes Received:
    135
    Location:
    Australia
    I said it on another forum, I am worried it could be all the customers info.
     
    Big al likes this.
  18. lordi

    lordi Regular Member

    Joined:
    Jul 17, 2013
    Messages:
    20
    Likes Received:
    6
    Location:
    INDONESIA
    holly ****, is it same method using install folder, or something else/another bug?
     
    Big al likes this.
  19. Caddyman

    Caddyman engiwebmastechanic

    Joined:
    Sep 12, 2013
    Messages:
    63
    Likes Received:
    36
    Location:
    Delaware
    well, that escalated quickly....



    really though, this is bad news for IB
     
  20. CM30

    CM30 Regular Member

    Joined:
    Jul 1, 2012
    Messages:
    901
    Likes Received:
    500
    What hasn't been bad news for IB recently?

    vBulletin 4, vBulletin 5, XenForo lawsuit, AudiWorld, WikiTravel, fake reviews... all they need is someone to get arrested on fraud charges and they've had the lot...
     
    Big al likes this.

Share This Page