vBulletin.com / vBulletin.org Hacked

Discussion in 'vBulletin Discussions' started by BamaStangGuy, Nov 14, 2013.

  1. Brandon

    Brandon Regular Member

  2. Big al

    Big al Regular Member

    My understanding is that some of the sections can only fully be seen by people who log in (members).
     
  3. BamaStangGuy

    BamaStangGuy Administrator

    So were they logging in as users on vb.org and posting spam?
     
  4. ManagerJosh

    ManagerJosh Regular Member

    I think it's an unrelated issue, but that's just me.
     
    BamaStangGuy likes this.
  5. Paul M

    Paul M Dr Pepper Addict

    There is no indication that they ever had server root access, all the stuff we saw was done as the apache user.

    The environment was not "littered" with php shells either. Since last week, at least one person claiming to be the hacker says they did not use any vbulletin exploit to gain access to the server. They also claim they supplied the screenshots to those who publicly claimed the hack. The point is people make claims about what was or wasn't done, but no one other than those truly responsible actually knows.

    Right, you obviously don't know me very well, or you really are just full of it.

    Not as far as I know, I have not seen any spam other than by the usual new registration spammers.
     
  6. ManagerJosh

    ManagerJosh Regular Member

    How was this determined? Logs do not count.
     
  7. Chris Teriakis

    Chris Teriakis Regular Member

    Wrong. I know you very well. Bad for me, good for you, my knowledge of English is limited to simple daily conversations, so it is almost impossible to express feelings and thoughts. But while in English I need sentences upon sentences to explain it, in Greek there is just a single word which best fits you and contains everything.
     
    Last edited: Nov 23, 2013
    Big al likes this.
  8. Big al

    Big al Regular Member

    πουστιά - poystia? :whistle: Hope I got it right. :ROFL:
     
    Chris Teriakis likes this.
  9. Chris Teriakis

    Chris Teriakis Regular Member

    ...lol.... Not that this is far away, but the real one is that one with three "A" :)
     
    Big al likes this.
  10. Big al

    Big al Regular Member

    Efharisto' poli'. Sorry, my Greek is a bit rusty, but then my English is not too great either. :ROFL:
     
    Chris Teriakis likes this.
  11. ManagerJosh

    ManagerJosh Regular Member

    Apologies if it sounds like I'm beating a dead horse, but I saw this post written by Paul earlier this afternoon, and it left my stomach unsettled.

    Translation: They have no idea how they were attacked.
     

    Brandon and Big al like this.
  12. Big al

    Big al Regular Member

    HOW did hackers obtain the password?
    Hardly surprising really, when unethical staff members are protected who have already been compromised.
    How far has the compromising now gone?

    It is clear that the staff there have no concept of the methods used by the high end hackers these days.
    Sorry guys, but the old security methods are no longer of much use.

    If you were ethical and doing your job properly instead of denigrating customers, they would be assisting you but alas you just do not get it. And probably never will.
     
    Last edited: Dec 4, 2013
  13. ManagerJosh

    ManagerJosh Regular Member

    I know it is easy to paint a big giant bullseye on the vBulletin staff members, and call them unethical, but in reality, security breaches apply to all organizations including the most ethical and unethical organizations. "Bad" does not discriminate.

    Most organizations have no idea they have been compromised until it's too late. Many do not have the proper detection capabilities or the investigative capabilities on top of regular due diligence.

    Cyber Defense is hard.
     
    Brandon likes this.
  14. Brandon

    Brandon Regular Member

    So... if they don't know how that got in, how do they know they're protected now?
     
    Big al likes this.
  15. ManagerJosh

    ManagerJosh Regular Member

    Honestly, from my perspective, the biggest mistake was not asking an outside consulting firm that deals with incident response and investigation to look for indicators of compromise (IOC).

    I'm guessing here, but I suspect the investigation was limited to a small subset of logs they retained.

    Given the finite amount of information they were able to examine and review, we as customers need to assume that the Adversary is still in their networks, and that since they were unable to determine how they got in, we as customers are still at risk.
     
    Big al and Brandon like this.
  16. Big al

    Big al Regular Member

    Not all VB staff members are unethical but they do tend to get lumped in with those that are unethical.

    Words are cheap, but I believe in this: "By their DEEDS ye shall know them."
    (or in some cases by their LACK of necessary deeds)

    Such deeds as lying to customers and posting propaganda about how great the load of crap known as VB5 is, is unethical.
    Protecting liars and unethical staff members who support scammers and hackers is unethical, as is refusing to act fairly when an official complaint is received.
    Deceiving customers and members by only allowing pro-Vb comments to remain is unethical.
    Banning customers whose only crime is to ask legitimate questions is unethical.
    Altering customers' and members' posts to alter their intent is unethical.
    Calling customers stupid for actually trusting Vb and purchasing VB on their recommendation is unethical.

    Do I need to go on? It is true that SOME vb staff are helpful and kudos to them, but when the others act like dictators and do unethical things then they will be considered unethical.

    The unethical ones have had plenty of opportunity to set the record straight and do the right thing by their customers, but alas they have made no visible attempt to do the right thing and continue to play the big mister trick just to feed their egos.

    When they do the right and correct things then I will be happy to praise them but I have not seen any of this so far.
     
    Autopilot and Terry like this.
  17. Big al

    Big al Regular Member

    Extremely valid points.
    If the Vb staff were acting in a respectful and responsible manner, then I am sure that some people involved in high end security would offer assistance but why would anyone offer help when they are acting in the manner they have adopted?

    As has been stated by many admins on here, IF the VB staff acted properly then many of their customers would be willing to help them get Vb back up again. But as things are now.......
     
  18. ManagerJosh

    ManagerJosh Regular Member

    Our firm extended an invitation to help, but we never heard back.
     
    Big al likes this.
  19. Big al

    Big al Regular Member

    This was very good of you and you are to be applauded. Well done! :agreed: :thumbsup:
     
  20. ManagerJosh

    ManagerJosh Regular Member

    Thanks, but it was entirely selfish :P. I wanted to know how much of my personal information was at risk, including credit card info, usernames, passwords, etc.
     
    Autopilot likes this.