Vbulletin.com hacked

[TheLastSuperman]

Quote:

Originally Posted by shimei

Well, I think you're doing a wonderful job and have been extremely helpful.

Thanks,
William

Well thanks for that! I'm the comic relief around these'here'parts' for sure . Sometimes a few don't get my sense of humor but to each their own eh? After all being different is what makes us all unique in a great way .

Thanks for a good conversation as well!

- Mikeeeeeeyyyyyy

[TheLastSuperman]

NOW it's back up including forumhome .

Standby for an announcement to be posted here:
http://www.vbulletin.com/forum/forum...nouncements_aa

I cannot guarantee that will be today, tomorrow etc as honestly if I were called in to fix it I'd of fixed it then immediately left to return to my wife and kiddos for Halloween but that's just me haha! The announcement will be made though we all know that, they will let us know what happened .

[shimei]

Curious, if you don't mind a general or basic explanation. How do they figure out what was done? I take it the hacker will leave behind some kind of foot print? Do most servers have the ability to find out through logs of some sort etc?

William

[ForceHSS]

https://www.youtube.com/watch?v=Zq549n6fi6I
http://www.vbulletin.com/forum/forum...letin-software

--------------- Added [DATE]1446334377[/DATE] at [TIME]1446334377[/TIME] ---------------

I see the user removed the video of him hacking vb

[x iJailBreak x]

Quote:

Originally Posted by TheLastSuperman

LOL I was editing my post rewording it with something along those lines before I saw your post .



More than likely due to all the security they have in place to prevent things like this from occurring. Why are you on his facebook page? Silly to even bother visiting it imo, trash all looks the same.



I only know of one other time, I barely recall another time before that but can't say for sure. I know the p0wetards... err I mean p0wersurge folks were able to pull it off a while back. I can only vouch for twice myself.

You are so mature. You know if it wasn't for people like you making comments like that groups would be more willing to actually help and not do stuff like that. How you remain staff here amazes me.

[K a M a L]

Hacker claims he is still connected , he says he dumbed vbulletin.com database and now dumping vbulletin.org database and customer info.

--------------- Added [DATE]1446407370[/DATE] at [TIME]1446407370[/TIME] ---------------

He offers vb.com database for sell and showing evidience

[x iJailBreak x]

Quote:

Originally Posted by K a M a L

Hacker claims he is still connected , he says he dumbed vbulletin.com database and now dumping vbulletin.org database and customer info.

--------------- Added [DATE]1446407370[/DATE] at [TIME]1446407370[/TIME] ---------------

He offers vb.com database for sell and showing evidience

I have my doubts that he's even still connected. Also, as long as everyone is using a different password on here and vB.com, you should be fine. Sure the attacker can try and crack your passwords but if you only use that password here, it's effectively useless.

Adding to this, it would be super helpful if there was a two factor authentication system cooked right in to vBulletin to allow customers to protect their accounts not only on here but on other vBulletin powered boards. I know several products exist that do this but it seems silly that it isn't included by default.

[Dave]

Can anyone fix this mistake at vBulletin.com's main page?

[TheLastSuperman]

Quote:

Originally Posted by x iJailBreak x

You are so mature. You know if it wasn't for people like you making comments like that groups would be more willing to actually help and not do stuff like that. How you remain staff here amazes me.

You're the primary admin of the team ps forums with sub-forums such as this: https://p0wersurge.com/forums/vulnerable-websites/ among others of nothing but a seemingly malicious intent and purpose with a legal disclaimer stating:

Quote:

Legal Disclaimer
TeamPS and p0wersurge.com are not responsible for any attacks carried out on networks, websites or servers. The staff cannot be held responsible. All information on this forum is for educational purposes only.

So let's list sites that are vulnerable and go on the wild assumption some lowlife won't use that info to hack said sites. That is one of the most helpful sub-forums to the members of this community based on your rebuttal of wanting to help or am I just completely off-base by saying that? We can break it down and examine your reply but let's spare everyone. Furthermore I highly doubt ANY site on those lists wants it's vulnerabilities tested and "verified" via being hacked. Using a loophole via a legal disclaimer regarding educational purposes speaks to us all more than your words ever will.

Also please note that I used a groups name not yours, you singled me out and took offense then called me out on the subject of maturity, that was your prerogative but facts will always remain facts.

[Skyrider]

I'm curious if vB is using a SSH whitelist and or key authentication.