vBulletin Mods

The Official vBulletin Modifications Site
https://www.vbulletin.org/forum/showthread.php?t=304565

Why the silence?
by motorhaven
15 Nov 2013 04:33

Why is VB.org and VB.com being silent on the fact that both were hacked yesterday, and access to customer data was gained? What is being done to protect VB license holders? You ought to at least email people so they can change their passwords rather than leaving it up to some outside source for us to find out about this!

Unfortunately, I don't have much faith y'all will let this post stick around.

New Joe 15 Nov 2013 04:37

How do you know they were hacked?

motorhaven 15 Nov 2013 04:51

Because the people who did it posted screenshots of the contents of the file systems. Macrumors was compromised as a result of this as well, and 800,000 user accounts possibly compromised. They made it a point to announce it so their users could take again, Internet Brands has not. Inexcusable!


https://www.facebook.com/inj3ct0rs/p...11793255548704
This is the group that did it and they include the screen captures from the shell they managed to install on the servers.

Again, I ask... why the silence? This explains why the VB.org site was mysteriously down last night!

WEBDosser 15 Nov 2013 06:03

Well I never..

Amaury 15 Nov 2013 07:16

I wouldn't solely trust a screenshot if my life depended on it.

ozzy47 15 Nov 2013 09:32

I seriously doubt such a thing happened, but if it truly did, I am sure we would be advised of it.

Dave 15 Nov 2013 10:57

I guess he's referring to this http://1337day.com/exploit/description/21518
Kinda scary, 0days.

motorhaven 15 Nov 2013 12:14

Quote:

Originally Posted by ozzy47 (Post 2460888)
I seriously doubt such a thing happened, but if it truly did, I am sure we would be advised of it.

1. A contractor for VB has already admitted it, then tried to bluff it out by saying it was "beta" installation on their server which was hit. But BOTH .com and .org were down, and screen shots show access to non-beta installations. http://www.theadminzone.com/forums/s...d.php?t=105650

2. It happened at the same time both VB.com and VB.org sites were mysteriously down.

3. The Mac site has already widely reported in the press.... then again they did the right thing and told their users immediately.

4. Just a few weeks ago the install directory exploit was reported by VB, and they pulled a similar move not broadcasting that there was an exploit until it was already widely known. I did consulting cleaning up hacked VB sites. This is not something I care to do with my consulting time, because it's money out of small business pockets they should not have had to spend!

I have defended the product for a long time when others haven't --- this I cannot.

lapiervb 15 Nov 2013 12:17

I read the same thing here -> http://www.theadminzone.com/forums/s...d.php?t=105650


Can anybody confirm this is true?

ForceHSS 15 Nov 2013 12:18

From what I can see it's not true

lapiervb 15 Nov 2013 12:34

Quote:

Originally Posted by ForceHSS (Post 2460910)
From what I can see it's not true

And what do you see? Did you read this somewhere? Has VB come out and said this did not happen? Or does "from what you can see" mean you "hope" it's not true??

DemOnstar 15 Nov 2013 13:11

Why the silence?

Because nobody is saying anything of course...

motorhaven 15 Nov 2013 13:19

Quote:

Originally Posted by ForceHSS (Post 2460910)
From what I can see it's not true

Did you even read that thread? One of VB's guys admitted it.

Paul M 15 Nov 2013 13:23

Quote:

Originally Posted by motorhaven (Post 2460907)
1. A contractor for VB has already admitted it, then tried to bluff it out by saying it was "beta" installation on their server which was hit. But BOTH .com and .org were down, and screen shots show access to non-beta installations. http://www.theadminzone.com/forums/s...d.php?t=105650

2. It happened at the same time both VB.com and VB.org sites were mysteriously down.

You are making stuff up here.

1. I stated (correctly) that the server they hacked was an old QA stage server.

2. The server was not hacked yesterday, the screenshots date it at sometime in October (more than likely they did it even earlier, just took later shots).

3. vb.org & vb.com were last down (12th/13th depending on your timezone) because of scheduled work on the database server.

You are free to discuss this situation on vb.org, you are not free to make up stuff.

nerbert 15 Nov 2013 14:00

One little inconsistency here is that the Facebook announcement says the vulnerability is in vB4 and vB5 and they hacked vBulletin.org. vBulletin.org uses vb3.6.12. Why didn't the announcement say the vulnerability is in vB3 as well?

If you're so sure this is true then buy their patch (NOT!!!!!)

Quote:

Originally Posted by Inj3ct0r Exploit DataBase
All those wishing to buy a vulnerability and patch your forum : h t t p ://1337day.com/exploit/description/21518



All times are GMT.