The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
Nokia Developer Forum (vBulletin) Hacked
A image put up by the hacker on the forum homepage, mocking Nokia's forum security.
|
#2
|
||||
|
||||
A search of the Google Cache does show they were using some flavor of vBulletin 4.x suite but not their exact version. Could very well be an old version never upgraded since it looks like they did a pretty custom theme- it would have been a pain to upgrade all the time. I'm just speculating form what I can see in the google cache.
|
#3
|
||||
|
||||
Quote:
News is now coming that they have permanently lost some data due to improper backups. This fiasco is a huge loss of face for Nokia and this issue will probably figure at their board meeting. |
#4
|
|||
|
|||
when they got hacked officially ?
according to me, they are hacked from 18 - 19 August. (which my source tells) And according to hacker they had latest patch vbulletin (which has redirect fix), but i don't think so because hacker generally lies to showoff. Nokia is such a big company and not using any professional to manage their system is surprising. Even if there was vulnerability, it could be solved within few minutes when forum was hacked. A admin (whenever he/she is login) should always check plugin manager to see if there is any extra plugin which is added. |
#5
|
||||
|
||||
Quote:
Edit: One report suggests that the forum was first hacked on the 22nd. http://www.theinquirer.net/inquirer/...eb-site-attack |
#6
|
||||
|
||||
4.1.3 from the cached source code... hate to see this posted .
|
#7
|
||||
|
||||
Although Nokia claims it was the fault of the forum, we don't know that for sure. We also don't know if they could be calling it the fault of the forum when it could be the fault of a 3rd party add-on.
I don't see any reason to panic. |
#8
|
||||
|
||||
Two weeks back the same hacker (pr0tect0r) hacked http://www.defence.pk/forums/ which is currently on vBulletin 4.1.5
|
#9
|
||||
|
||||
I'm assuming it was lack of proper maintenance (which covers third-party add-ons imo) unless they present a new vulnerability or exploit to vBulletin that is. Of course we all know from the recent PSN network hacking and common sense tells us that the company does not want to own up to such as it would be detrimental, Sony did own up however recently I've read they knew about it to a certain extent and decided to protect one server over another but not trying to derail the thread simply related imo but more here if your interested .
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|