+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 11

Thread: Forum Hack - Please Read

  1. #1

    Default Forum Hack - Please Read

    Hi all,

    You may have noticed (or may not) that the forum was hacked overnight. I urge you all to change your passwords. I will be doing the same with the main hosting and access ones.

    Please let me know if you notice anything weird. I've done a purge of some people who I approved yesterday so sorry if you were caught up in that - safety first.

    Forum Admin

  2. #2
    Join Date
    Dec 2008
    Posts
    849

    Default

    Jeez, I changed my password just now. Considering who wrecked the joint, I'm genuinely worried about my new laptop and smartphone being compromised.
    'Poverty is not an injustice. There is no such thing as causes for poverty, only causes for wealth. Poverty is not a wrong, but taking money from those who have it to equalize incomes is basically theft, which is wrong.' - Typical Randroid

  3. #3
    Join Date
    Dec 2008
    Location
    Derby - UK
    Posts
    3,481

    Default

    Thanks Felice, quick work
    "Just have fun"

  4. #4
    Join Date
    Jan 2009
    Location
    Glasgow, Scotland
    Posts
    2,263

    Default

    Just before the hack I did think it odd there was a new member called 'administrator'.
    Drink, but very carefully...

  5. #5

    Default And we're back.

    Thank you SO MUCH for your patience on this, and to the mods who prodded me to keep trying when it was incredibly tough going in the database and I wanted with every fibre of my being to give up.

    So, I can confirm the hack was due to a vbulletin security flaw not a personal attack, and not a database or password issue. There were hundreds of forums downed by the same thing all over the world, which was awful, but also good because I did have some useful help posts to trawl through. The security flaw is now closed.

    Your passwords and personal info are fine - they used scripts to give themselves access to the template files and so on - but if you would rather be sure I suggest you change them. Belt and braces when it comes to security.

    Please let me know if you notice anything weird. I will be doing cleaning up and so on over the next little while, adjusting security settings and so on.


  6. #6
    Join Date
    Dec 2008
    Location
    Derby - UK
    Posts
    3,481

    Default

    All looks good, a few cosmetic alterations, there was a weird little box at the top when I 1st logged in

    Thanks for your efforts Felice, you've done a quicker job than the SFX forum, that's been down for months now
    "Just have fun"

  7. #7
    Join Date
    Sep 2013
    Posts
    17

    Default

    Good job getting things sorted out.

    I've had my websites hacked before, it's quite traumatic isn't it.

  8. #8
    Join Date
    Jan 2009
    Location
    mid-central US
    Posts
    960

    Default

    I do't get why anyone would want to hack such a dinky little site like ours. Why go to all the bother. Some people really need to get some kind of life.

  9. #9
    Join Date
    Sep 2013
    Posts
    17

    Default

    In the name of openness, the developer announced an exploit in VBulletin recently.

    It seems that this hacker group just searched around the internet and hacked anything they could using a publicly available exploit.

    I wouldn't put these guys on some kind of pedestal as skilled or talented people who attacked the site. More like the person at the back of the room who hears something they can take advantage of but doesn't have the consideration to think of the people they affecting.

  10. #10
    Join Date
    Dec 2008
    Posts
    446

    Default

    Um, well if you can believe what they uploaded they're a bunch of Islamic fanatics and they spit on our imperialist decadent forum.
    But they're probably just a bunch of bored pimply teenagers with no mates.

+ Reply to Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts