Forum hacked

Nano · Sep 23, 2013

Mr Invisible said:
Yeah, bunch of dopes hacked it again ....

Without going into detail we know exactly what they are doing. They aren't getting direct access to the server, but rather using a vulnerability to get in.

Earlier the other day they tried using attack which bumped the database offline, and then after that used a known vulnerability in VB to log in and upgrade themselves as admins. From there they've installed a plugin which has changed the frontpage of the forum. That's all.

Everything they are doing is logged, and I'm not sure if law enforcement authorities will be involved.

BTW .. them h4rdc0r3 h4cker$ removed the facebook comment someone left them.

Is the site protected from SQL inject attacks? The DB always seems to be the first thing that goes out, maybe having an IP filter might help though people with proxies would be a problem and telling the devs of vBulletin about the problems might help them release a patch for everyone!

These so called hackers are just nubs and yes they removed a someone's comment

Moe · Sep 23, 2013

Only thing I want to know is....

Why is this thread in the Introduce Yourself section?

Captain Kickass · Sep 23, 2013

It's strictly a vulnerability in the vBulletin set-up.

I'm a member on two other vB sites, and they've had similar happen in the last month.

Occasionally, once admins do their thing, a few threads might disappear and a few people might lose their avatars.
Nothing that isn't easily restored in the long run.

billybob · Sep 23, 2013

Moe said:
Only thing I want to know is....

Why is this thread in the Introduce Yourself section?

To quote myself

billybob said:
oops i totally put this in the wrong forum too.

Im pretty sure as a mod you can move it yeah ;-)

billybob · Sep 23, 2013

Captain Kickass said:
It's strictly a vulnerability in the vBulletin set-up.

I'm a member on two other vB sites, and they've had similar happen in the last month.

Occasionally, once admins do their thing, a few threads might disappear and a few people might lose their avatars.
Nothing that isn't easily restored in the long run.

Does 5.0 still suffer the same problems?

Moe · Sep 23, 2013

billybob said:
Im pretty sure as a mod you can move it yeah ;-)

I could move it...

Mr Beast · Sep 23, 2013

Moe said:
I could move it...

I could move it too...

Raysie · Sep 23, 2013

The funniest part of all this is the irony.

The Arabs have hacked a stereotypically Arabic supported NRL club fansite thinking we're Israelis. Hahahaha

Nano · Sep 23, 2013

Raysie said:
The funniest part of all this is the irony.

The Arabs have hacked a stereotypically Arabic supported NRL club fansite thinking we're Israelis. Hahahaha

BAHAHAHAHAHA, now that's irony!

ninja_h · Sep 23, 2013

It's probably released the HackTool:Win32/Keygen. Lucky my windows security quarantine has blocked it.

Mr Beast · Sep 23, 2013

ninja_h said:
It's probably released the HackTool:Win32/Keygen. Lucky my windows security quarantine has blocked it.

Lucky you're a ninja, otherwise they'd jumping through your bedroom windows

Forum hacked

Nano

Kennel Immortal

Moe

Moderatwhore

Captain Kickass

Dirtbag Lifecoach

billybob

Kennel Enthusiast

billybob

Kennel Enthusiast

Moe

Moderatwhore

Mr Beast

Admin

Raysie

Kennel Addict

Nano

Kennel Immortal

ninja_h

Kennel Participant

Mr Beast

Admin