vbSEO Security Update

Discussion in 'vBulletin Discussions' started by AWS, Jan 23, 2012.

  1. AWS

    AWS Administrator

    Feb 1, 2010
    Likes Received:
    Joliet, IL U.S.A.
    First Name:
    If you use vbSEO you might be interested in reading this thread at vbSEO site.

    Read the whole thread and not just bits and pieces of it. It seems that the vbSEO servers were compromised and malicious code was injected to users forums when they visited the vbSEO control panel which created a plugin that could do bad things.

    It seems a js file that is loaded when you access the vbSEO cp that is hosted on the vbSEO site was somehow infected with the code that creates the plugin.

    This does not look good because the php script that injected the infected js also seemed to forward a list of infected sites to the hacker that injected the code. Since this is still being investigated the damage done by the plugin is unknown. If you use vbSEO check you plugin list and if you see any plugins that don't look right disable them immediately. Most of them will reference a cache, vBCMS Global Thread Cache for one. It seems that the plugin name was changing throughout the course of the thread.

    Make sure if you use vbSEO you check your plugins and also install the patch. In the coming days the scope of this exploit will be known and you'll find out what was compromised. This look to be far worse that the Google hijack exploit that redirected users to filestore.info.

Share This Page