
motorhaven 11-15-2013 04:33 AM

Why the silence?
 
Why is VB.org and VB.com being silent on the fact that both were hacked yesterday, and access to customer data was gained? What is being done to protect VB license holders? You ought to at least email people so they can change their passwords rather than leaving it up to some outside source for us to find out about this!

Unfortunately, I don't have much faith y'all will let this post stick around.

New Joe 11-15-2013 04:37 AM

How do you know they were hacked?

motorhaven 11-15-2013 04:51 AM

Because the people who did it posted screenshots of the contents of the file systems. Macrumors was compromised as a result of this as well, and 800,000 user accounts possibly compromised. They made it a point to announce it so their users could take again, Internet Brands has not. Inexcusable!


https://www.facebook.com/inj3ct0rs/p...11793255548704
This is the group that did it and they include the screen captures from the shell they managed to install on the servers.

Again, I ask... why the silence? This explains why the VB.org site was mysteriously down last night!

WEBDosser 11-15-2013 06:03 AM

Well I never..

Amaury 11-15-2013 07:16 AM

I wouldn't solely trust a screenshot if my life depended on it.

ozzy47 11-15-2013 09:32 AM

I seriously doubt such a thing happened, but if it truly did, I am sure we would be advised of it.

Dave 11-15-2013 10:57 AM

I guess he's referring to this http://1337day.com/exploit/description/21518
Kinda scary, 0days.

motorhaven 11-15-2013 12:14 PM

Quote:

Originally Posted by ozzy47 (Post 2460888)
I seriously doubt such a thing happened, but if it truly did, I am sure we would be advised of it.

1. A contractor for VB has already admitted it, then tried to bluff it out by saying it was "beta" installation on their server which was hit. But BOTH .com and .org were down, and screen shots show access to non-beta installations. http://www.theadminzone.com/forums/s...d.php?t=105650

2. It happened at the same time both VB.com and VB.org sites were mysteriously down.

3. The Mac site has already widely reported in the press.... then again they did the right thing and told their users immediately.

4. Just a few weeks ago the install directory exploit was reported by VB, and they pulled a similar move not broadcasting that there was an exploit until it was already widely known. I did consulting cleaning up hacked VB sites. This is not something I care to do with my consulting time, because it's money out of small business pockets they should not have had to spend!

I have defended the product for a long time when others haven't --- this I cannot.

lapiervb 11-15-2013 12:17 PM

I read the same thing here -> http://www.theadminzone.com/forums/s...d.php?t=105650


Can anybody confirm this is true?

ForceHSS 11-15-2013 12:18 PM

From what I can see it's not true

lapiervb 11-15-2013 12:34 PM

Quote:

Originally Posted by ForceHSS (Post 2460910)
From what I can see it's not true

And what do you see? Did you read this somewhere? Has VB come out and said this did not happen? Or does "from what you can see" mean you "hope" it's not true??

DemOnstar 11-15-2013 01:11 PM

Why the silence?

Because nobody is saying anything of course...

motorhaven 11-15-2013 01:19 PM

Quote:

Originally Posted by ForceHSS (Post 2460910)
From what I can see it's not true

Did you even read that thread? One of VB's guys admitted it.

Paul M 11-15-2013 01:23 PM

Quote:

Originally Posted by motorhaven (Post 2460907)
1. A contractor for VB has already admitted it, then tried to bluff it out by saying it was "beta" installation on their server which was hit. But BOTH .com and .org were down, and screen shots show access to non-beta installations. http://www.theadminzone.com/forums/s...d.php?t=105650

2. It happened at the same time both VB.com and VB.org sites were mysteriously down.

You are making stuff up here.

1. I stated (correctly) that the server they hacked was an old QA stage server.

2. The server was not hacked yesterday, the screenshots date it at sometime in October (more than likely they did it even earlier, just took later shots).

3. vb.org & vb.com were last down (12th/13th depending on your timezone) because of scheduled work on the database server.

You are free to discuss this situation on vb.org, you are not free to make up stuff.

nerbert 11-15-2013 02:00 PM

One little inconsistency here is that the facebook announcement says the vulnerability is in vB4 and vB5 and they hacked vBulletin.org. vBulletin.org uses vb3.6.12. Why didn't the announcement say the vulnerability is in vB3 as well?

If you're so sure this is true then buy their patch (NOT!!!!!)

Quote:

Originally Posted by Inj3ct0r Exploit DataBase
All those wishing to buy a vulnerability and patch your forum : h t t p ://1337day.com/exploit/description/21518


motorhaven 11-15-2013 02:19 PM

Quote:

Originally Posted by Paul M (Post 2460922)
You are making stuff up here.

1. I stated (correctly) that the server they hacked was an old QA stage server.

2. The server was not hacked yesterday, the screenshots date it at sometime in October (more than likely they did it even earlier, just took later shots).

3. vb.org & vb.com were last down (12th/13th depending on your timezone) because of scheduled work on the database server.

You are free to discuss this situation on vb.org, you are not free to make up stuff.

IB really needs to invest in CRM (last sentence of your reply). There is a big difference between "making stuff up" and not having information which agrees with yours.

Test QA system or not the screen shots show access to vb.org, vb.com, flyertalk and 5series.net information. What exposure did users of these forums have?

ForceHSS 11-15-2013 04:31 PM

Quote:

Originally Posted by lapiervb (Post 2460916)
And what do you see? Did you read this somewhere? Has VB come out and said this did not happen? Or does "from what you can see" mean you "hope" it's not true??

It's not true because the ss they show are not vb just something they made up to look like hackers.

motorhaven 11-15-2013 05:03 PM

Quote:

Originally Posted by ForceHSS (Post 2460960)
It's not true because the ss they show are not vb just something they made up to look like hackers.

The crackers used the VB database to get a password to a person who is a moderator on MacRumors. They then used this to hack MacRumors because the moderator used the same password on both sites. MacRumors admitted to the hack. Or are they just making it up too?

ForceHSS 11-15-2013 05:20 PM

I am talking about vbulletin official site when did I ever start talking about MacRumors as you started to say this on your first post that vbulletin.com and vbulletin.org have been hacked

Max Taxable 11-15-2013 06:27 PM

November: THE month for conspiracy nutter bilge water and bile!

motorhaven 11-15-2013 06:39 PM

Quote:

Originally Posted by ForceHSS (Post 2460967)
I am talking about vbulletin official site when did I ever start talking about MacRumors as you started to say this on your first post that vbulletin.com and vbulletin.org have been hacked

You aren't paying attention to what I said. The password to Macrumors was obtained BECAUSE VB.com was hacked. Once someone obtains access to a vb database it doesn't take much computational power to crack the passwords. MD5 password protection is weak. It's been a known weak hash method since 1996, and more weaknesses found in 2004.
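
An added example, not part of any post in this thread and not vBulletin's code: what makes a leaked table of MD5 password hashes cheap to guess against is the speed of a single MD5 evaluation, so the defensive fix is a deliberately slow KDF, applied to existing accounts by re-hashing on the next successful login. The record layout, the salted-MD5 stand-in, the iteration count and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
import time

PBKDF2_ITERATIONS = 200_000  # assumed work factor for this example; tune to your hardware


def legacy_md5(password: str, salt: str) -> str:
    # Constructed stand-in for a fast salted-MD5 scheme; not vBulletin's exact format.
    return hashlib.md5((password + salt).encode()).hexdigest()


def pbkdf2(password: str, salt_hex: str, iterations: int) -> str:
    raw = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), iterations)
    return raw.hex()


def seconds_per_guess(fn, rounds: int) -> float:
    # Average wall-clock cost of hashing one candidate password with fn.
    start = time.perf_counter()
    for i in range(rounds):
        fn(f"guess{i}")
    return (time.perf_counter() - start) / rounds


def cost_ratio() -> float:
    # How many MD5 guesses fit in the time of one PBKDF2 guess on this machine.
    fast = seconds_per_guess(lambda g: legacy_md5(g, "abc"), 20_000)
    slow = seconds_per_guess(lambda g: pbkdf2(g, "00" * 16, PBKDF2_ITERATIONS), 3)
    return slow / fast


def verify_and_upgrade(record: dict, password: str) -> bool:
    """Check a login; on success, replace a legacy MD5 record in place."""
    if record["scheme"] == "md5":
        ok = hmac.compare_digest(legacy_md5(password, record["salt"]), record["hash"])
        if ok:  # the plaintext is only available now, so re-hash it with the slow KDF
            salt_hex = os.urandom(16).hex()
            record.update(scheme="pbkdf2-sha256", salt=salt_hex,
                          iterations=PBKDF2_ITERATIONS,
                          hash=pbkdf2(password, salt_hex, PBKDF2_ITERATIONS))
        return ok
    if record["scheme"] == "pbkdf2-sha256":
        candidate = pbkdf2(password, record["salt"], record["iterations"])
        return hmac.compare_digest(candidate, record["hash"])
    return False  # unknown scheme: fail closed


if __name__ == "__main__":
    # Constructed sample account stored under the legacy scheme.
    user = {"scheme": "md5", "salt": "x9Q", "hash": legacy_md5("correct horse", "x9Q")}
    print(verify_and_upgrade(user, "wrong"), user["scheme"])
    print(verify_and_upgrade(user, "correct horse"), user["scheme"])
    print(verify_and_upgrade(user, "correct horse"))
    print(f"one PBKDF2 guess costs about {cost_ratio():,.0f} MD5 guesses")
```

Accounts that never log in again keep their MD5 hash under this approach, so it is normally paired with a forced reset for dormant accounts.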

Max Taxable 11-15-2013 06:41 PM

This is so laughable... If they soooo want us to believe any of this they should have been able to deface the sites in question without too much trouble.

It didn't happen.

motorhaven 11-15-2013 06:45 PM

Quote:

Originally Posted by Max Taxable (Post 2460982)
This is so laughable... If they soooo want us to believe any of this they should have been able to deface the sites in question without too much trouble.

It didn't happen.

So when Macrumors announced they were hacked they were lying? Yes? No?

Max Taxable 11-15-2013 06:47 PM

Quote:

Originally Posted by motorhaven (Post 2460983)
So when Macrumors announced they were hacked they were lying? Yes? No?

I am talking about vB dot org. I don't give a red rat's ass about MacRumors, or any of the rumors about it.

And by the way, it is NOT an unusual event for a site to LIE about being "hacked."

Amaury 11-15-2013 06:48 PM

Quote:

Originally Posted by motorhaven (Post 2460981)
You aren't paying attention to what I said. The password to Macrumors was obtained BECAUSE VB.com was hacked. Once someone obtains access to a vb database it doesn't take much computational power to crack the passwords. MD5 password protection is weak. It's been a known weak hash method since 1996, and more weaknesses found in 2004.

Quote:

Originally Posted by motorhaven (Post 2460983)
So when Macrumors announced they were hacked they were lying? Yes? No?

See below:

Quote:

Originally Posted by Paul M (Post 2460922)
You are making stuff up here.


motorhaven 11-15-2013 07:02 PM

Quote:

Originally Posted by Max Taxable (Post 2460984)
I am talking about vB dot org. I don't give a red rat's ass about MacRumors, or any of the rumors about it.
And by the way, it is NOT an unusual event for a site to LIE about being "hacked."

Weren't you the one who just a few days ago lamented about how poor VB's security record has been?

Max Taxable 11-15-2013 07:04 PM

Quote:

Originally Posted by motorhaven (Post 2460991)
Weren't you the one who just a few days ago lamented about how poor VB's security record has been?

That's vB 4. Not vBulletin in general.

But at least in those instances there was a shred of proof, not just dummied up screenshots from illiterate script kiddies, posted on facebook.

motorhaven 11-15-2013 07:13 PM

Quote:

Originally Posted by Max Taxable (Post 2460992)
That's vB 4. Not vBulletin in general.

You're not serious, are you? Here are 50 vulnerabilities in 3.x versions, and that's just through 2007!
http://www.cvedetails.com/vulnerabil...Vbulletin.html

Quote:

But at least in those instances there was a shred of proof, not just dummied up screenshots from illiterate script kiddies, posted on facebook.

http://www.macrumors.com/2013/11/12/...security-leak/

Max Taxable 11-15-2013 07:15 PM

Quote:

Originally Posted by motorhaven (Post 2460995)
You're not serious, are you?

Since you believe this so strongly, almost religiously and without a shred of actual proof - I am sure you bought the illiterate script kiddie's "patch" and installed it, right?

Did it occur to you the "patch" when installed, is actually the exploit? It's called "social engineering" and it's a tried and true form of "hacking."

Interesting you believe the MacRumors claim, but dismiss Paul's claim. One of them fits your paranoid rant, the other doesn't.

Zachery 11-15-2013 07:17 PM

Quote:

Originally Posted by motorhaven (Post 2460995)
You're not serious, are you? Here are 50 vulnerabilities in 3.x versions, and that's just through 2007!
http://www.cvedetails.com/vulnerabil...Vbulletin.html

A fair few of those that I see require some level of administrator privilege... administrators are gods.

ozzy47 11-15-2013 07:19 PM

So they hacked vb.com and vb.org, so they could get this dude's password and hack MacRumors.

Sounds to me like stealing the keys to a Chevy to drive a Ford.

Max Taxable 11-15-2013 07:33 PM

1 Attachment(s)
The claim: vBulletin dot org was hacked yesterday
The evidence: Zero

Result is attached.

And right now, because we refuse to believe the religious ramblings, he is desperately trying to figure out what sites we have, to feed us to the illiterate hax0rs...

motorhaven 11-15-2013 07:49 PM

Quote:

Originally Posted by Max Taxable (Post 2460996)
Since you believe this so strongly, almost religiously and without a shred of actual proof - I am sure you bought the illiterate script kiddie's "patch" and installed it, right?

Did it occur to you the "patch" when installed, is actually the exploit? It's called "social engineering" and it's a tried and true form of "hacking."

Put away your lame assumptions about someone's experience and your weak lessons before you embarrass yourself. I know what social engineering is - I was dealing with people doing that stuff back in the 1980s, when I wasn't busy coding in assembler. That was well before I started one of the first enthusiast groups on the Internet.

Quote:

Interesting you believe the MacRumors claim, but dismiss Paul's claim. One of them fits your paranoid rant, the other doesn't.

Macrumors has nothing to gain by saying they were hacked. They have credibility to lose, as a matter of fact.

Max Taxable 11-15-2013 07:51 PM

Quote:

Originally Posted by motorhaven (Post 2461003)
Put away your lame assumptions about someone's experience and your weak lessons before you embarrass yourself. I know what social engineering is - I was dealing with people doing that stuff back in the 1980s, when I wasn't busy coding in assembler. That was well before I started one of the first enthusiast groups on the Internet.

Macrumors has nothing to gain by saying they were hacked. They have credibility to lose, as a matter of fact.

And we still have ZERO evidence that vB dot org was hacked, as you claimed.

You never answered the question either. DID you buy the "patch" from the illiterate script kiddies and install it? If not, why are you promoting it?

ForceHSS 11-15-2013 08:53 PM

Quote:

Originally Posted by motorhaven (Post 2460981)
You aren't paying attention to what I said. The password to Macrumors was obtained BECAUSE VB.com was hacked. Once someone obtains access to a vb database it doesn't take much computational power to crack the passwords. MD5 password protection is weak. It's been a known weak hash method since 1996, and more weaknesses found in 2004.

Someone needs to chill pill. Stop posting crap like this, you're just making it worse for yourself

Paul M 11-15-2013 08:55 PM

Quote:

Originally Posted by motorhaven (Post 2460963)
The crackers used the VB database to get a password to a person who is a moderator on MacRumors. They then used this to hack MacRumors because the moderator used the same password on both sites. MacRumors admitted to the hack. Or are they just making it up too?

Where exactly have MacRumors admitted that they were hacked because (1) A moderator used the same password on vb.com and their site, (2) Assuming they cracked the password from vb.com, this moderator account was used to hack them?

Digital Jedi 11-16-2013 10:39 AM

Quote:

Originally Posted by motorhaven (Post 2460867)
Again, I ask... why the silence? This explains why the VB.org site was mysteriously down last night!

So you believe that vB.org and vB.com were hacked, going by the time stamp on your post, Thursday.


Quote:

Originally Posted by motorhaven (Post 2460907)
2. It happened at the same time both VB.com and VB.org sites were mysteriously down.

And at the same time as MacRumors.


Quote:

Originally Posted by motorhaven (Post 2460939)
Test QA system or not the screen shots show access to vb.org, vb.com, flyertalk and 5series.net information. What exposure did users of these forums have?

And into a vBulletin 3 site using a vBulletin 4 exploit.


Quote:

Originally Posted by motorhaven (Post 2460963)
The crackers used the VB database to get a password to a person who is a moderator on MacRumors. They then used this to hack MacRumors because the moderator used the same password on both sites. MacRumors admitted to the hack. Or are they just making it up too?

Quote:

Originally Posted by motorhaven (Post 2460981)
You aren't paying attention to what I said. The password to Macrumors was obtained BECAUSE VB.com was hacked. Once someone obtains access to a vb database it doesn't take much computational power to crack the passwords. MD5 password protection is weak. It's been a known weak hash method since 1996, and more weaknesses found in 2004.

Then they used the information they hacked from vBulletin.org Thursday, to hack into MacRumors....on Monday????


Either the hackers are time travellers or, as was repeatedly stated, hacking had nothing to do with .com and .org being down last night. Which would explain how you get into a vB3 site using a vB4 exploit. You don't.

You can see where this information all seems kinda suspicious, especially since MacRumors says they were hacked in a similar manner to the way Ubuntu Forums was hacked. And Ubuntu Forums was hacked in July. Again, there's no suspicious timing with vBulletin being down yesterday that coincides with either of these forums being hacked. In both cases, a moderator/administrator having their personal accounts hacked. Why would you need to hack vB.com and vB.org .... to hack a completely different website in the exact same manner? To borrow from ozzy's analogy, that's stealing the keys to the Chevy. Hot wiring the Ford. Then saying the Chevy made me do it. It doesn't make a lick of sense.

Simon Lloyd 11-16-2013 11:07 AM

Unfortunately there IS some evidence about MacRumors here http://www.informationweek.com/secur.../d-id/1112235? and their admission here http://www.macrumors.com/2013/11/12/...security-leak/ although I see no evidence of any vb hacking!

Quote:

Originally Posted by informationweek.com
In the case of MacRumors, however, lol said that the vBulletin software wasn't to blame for the breach, saying instead that "the fault lied within a single moderator." That suggests that a MacRumors moderator chose an insecure password, which lol either guessed, or matched using a dictionary attack, which attempts to guess passwords by using an exhaustive list of likely matches.


ozzy47 11-16-2013 11:13 AM

If you read in that first link you posted, http://www.informationweek.com/secur.../d-id/1112235? this is what the hacker said.

Quote:

In the case of MacRumors, however, lol said that the vBulletin software wasn't to blame for the breach, saying instead that "the fault lied within a single moderator." That suggests that a MacRumors moderator chose an insecure password, which lol either guessed, or matched using a dictionary attack, which attempts to guess passwords by using an exhaustive list of likely matches.

Simon Lloyd 11-16-2013 11:33 AM

lol already posted that in my post :-)

