vBulletin.com / vBulletin.org Hacked

A weak explanation on his website by BirdOPrey5. Staff member for VB.

Following BirdOPrey5 allowing a known hacker to impersonate me using my stolen photograph in violation of his own rules and post altered copies of my posts taken from here. Joe decided to try to explain the incompetence of VB and the support staff.

True to form he blames the customers yet again.
I find it abhorrent that such Vb support staff like Mark B /Paul M and Joe D, Can only come up with absolute misleading utter crap, instead of setting the record straight and telling us exactly what is going on.

When faced with questions of genuine concern by their CUSTOMERS they can only hide or if pushed come up with total bullshit.

Such is the measure of these so called "stand up guys"

 

SERIOUSLY dude? You SERIOUSLY telling us that these well known hackers were just hacking out of the kindness of their hearts!!!!

What sterling guys. What unselfishness. What UTTER BULLSHIT from a VB staff member.

Honestly Joe just what medication are you taking ?

Joe why not tell the truth about the Ukraine, Russian and Romanian hackers and their pals and what they are really doing?

Cone on Joe, you feel the need to post about these things, tell us about how kind and considerate the inhabitants of places like Yoshkar-Ola. Republic Mari-El, Russia are, who are known as a town of dating scammers. or the Romanian town of hackers, Râmnicu Vâlcea that has only about 120,000 residents, but among law enforcement experts around the world, it has a nickname: Hackerville.

Tell us all again about how these hackers are so benevolent that they only hack to warn webmasters.
But then you are supporting known hackers yourself, despite the damage and heartache that they leave behind them.

 

FWIW, at one time, a year or so ago, my vB sites were hacked by middle eastern hackers that simply put a "hacked by xxxx" on the frontpage and left everything intact.

And that DID prompt me to take security a bit more seriously.

I have actually seen this on a few other sites (other scripts, wodpress, joomla) that I have built as well. Made me learn real fast all about securing various applications online.

 

I had the impression they took the whole week off, well DUH!!!!!

 

Hahaha.....let's first define embarrassment.

Socially unacceptable acts? Loss of honor or dignity? Riiiiiggggghhhhhhtttttt!

So I have to ask. For whom exactly is this supposed successful hacking of IB servers possibly embarrassing?

Scott

 

something happen, we had to reset are passwords over at vb.com and vb.org

 

From vBull newsletter

Yup they got hacked.

 

A lot of good that does after that have the password.
Wonder how many users use the same password on vb.com that they do on their own sites or other forums.
Do a google search for "username" and you can quickly find other sites that use may be part of.

Ouch...

 

I'm glad I'm no longer a vBulletin 4 user anymore. This is ridiculous. It's quite possible that a lot of people are using the same passwords. It happens a lot.

 

I use different passwords, and so I don't forget them I place them on a few external hard drives.

 

Un-f*cking-real. I just finished yesterday converting my main forum to xenForo (from vB4); it couldn't had happened at a better time! I feel bad for those people who can't or don't want to convert to something else, for whatever reasons, I don't see the situation getting better at IB/vB anytime soon. I wish them well though.

So vBcom admins don't follow the recommended security procedures and they just don't care so they had it coming? I'm sure that's not the case, so staff members like that and other die-hard vBulletin defenders who put the blame on admins when their sites get hacked should really keep quiet and focus on the root of the problem: shitty coding and/or bad QA; not to mention how incredibly slow whoever is in charge is to address these issues.

Don't be surprised if a week from now we are let known that a security exploit has been discovered and they're releasing a patch to fix it. And of course, whoever gets hacked from here until then will be an irresponsible admin for not jumping into the future to grab that fix.

 

vB recommend this ... "Protecting the admincp with IP address or .htaccess authorization"

How is this done ????

 

This should help http://www.javascriptkit.com/howto/htaccess3.shtml

 

I think they mean move to xenForo!

 

The best way to protect against your vBOOM being hacked is NOT TO USE IT!!!!!!!!!!!! With all their EGG SPER TEASE they couldn't and can't prevent further exploits.

 

Well at least they put something out about it.

Granted, I doubt we ever find out the extent of the hack, but it was proper of them to force people to update their passwords.

 

Unbelievable. They have to be dragged out into the light kicking and screaming just to admit what we all knew!

Posts deleted, threads locked, customers insulted yet again and all the while the truth was obvious.

Tell me, are these morons really staff members on VB! Do some of them actually get paid to act like imbeciles.

 

@BamaStangGuy is that a separate email other then the one @Autopilot quoted as well?