Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
FAQ Community Calendar Today's Posts Search

Closed Thread
 
Thread Tools Display Modes
  #1  
Old 11-15-2013, 04:33 AM
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Posts: 56
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Why the silence?

Why is VB.org and VB.com being silent on the fact that both were hacked yesterday, and access to customer data was gained? What is being done to protect VB license holders? You ought to at least email people so they can change their passwords rather than leaving it up to some outside source for us to find out about this!

Unfortunately, I don't have much faith ya'll will let this post stick around.
  #2  
Old 11-15-2013, 04:37 AM
New Joe's Avatar
New Joe New Joe is offline
 
Join Date: May 2009
Posts: 1,128
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

How do you know they were hacked?
  #3  
Old 11-15-2013, 04:51 AM
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Posts: 56
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Because the people who did it posted screenshots of the contents of the file systems. Macrumors was compromised as a result of this as well, and 800,000 user accounts possibly compromised. They made it a point to announce it so their users could take again, Internet Brands has not. Inexcusable!


https://www.facebook.com/inj3ct0rs/p...11793255548704
This is the group that did it and they include the screen captures from the shell they managed to install on the servers.

Again, I ask... why the silence? This explains why the VB.org site was mysteriously down last night!
  #4  
Old 11-15-2013, 06:03 AM
WEBDosser's Avatar
WEBDosser WEBDosser is offline
 
Join Date: Oct 2001
Location: @ MyPC
Posts: 824
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Well I never..
  #5  
Old 11-15-2013, 07:16 AM
Amaury Amaury is offline
 
Join Date: Nov 2011
Location: Ellensburg, WA
Posts: 1,075
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I wouldn't solely trust a screenshot if my life depended on it.
  #6  
Old 11-15-2013, 09:32 AM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I seriously doubt such a thing happened, but if it truely did, I am sure we would be advised of it.
  #7  
Old 11-15-2013, 10:57 AM
Dave Dave is offline
 
Join Date: May 2010
Posts: 2,583
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I guess he's referring to this http://1337day.com/exploit/description/21518
Kinda scary, 0days.
  #8  
Old 11-15-2013, 12:14 PM
motorhaven motorhaven is offline
 
Join Date: Jul 2002
Posts: 56
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by ozzy47 View Post
I seriously doubt such a thing happened, but if it truely did, I am sure we would be advised of it.
1. A contractor for VB has already admitted it, then tried to bluff it out by saying it was "beta" installation on their server which was hit. But BOTH .com and .org were down, and screen shots show access to non-beta installations. http://www.theadminzone.com/forums/s...d.php?t=105650

2. It happened at the same time both VB.com and VB.org sites were mysteriously down.

3. The Mac site has already widely reported in the press.... then again they did the right thing and told their users immediately.

4. Just a few weeks ago the install directory exploit was reported by VB, and they pulled a similar move not broadcasting that there was an exploit until it was already widely known. I did consulting cleaning up hacked VB sites. This is not something I care to do with my consulting time, because it's money out of small business pockets they should not have had to spend!

I have defended the product for a long time when others haven't --- this I cannot.
  #9  
Old 11-15-2013, 12:17 PM
lapiervb lapiervb is offline
 
Join Date: Mar 2010
Posts: 249
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I read the same thing here -> http://www.theadminzone.com/forums/s...d.php?t=105650


Can anybody confirm this is true?
  #10  
Old 11-15-2013, 12:18 PM
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Posts: 6,357
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

From what i can see its not true
Closed Thread


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:05 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04445 seconds
  • Memory Usage 2,264KB
  • Queries Executed 12 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)pagenav_pagelinkrel
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete