Announcement

**WurkAnimal** · Wed 26 Jul '06, 8:45am

It may be a spoof, have you tried reporting it to vbportal ?

**Kathy** · Wed 26 Jul '06, 8:47am

I went to vbportal.....and its closed.

**WurkAnimal** · Wed 26 Jul '06, 8:52am

Try looking at vbportal's WHOIS and email the team. That's your best bet.

**Miko** · Wed 26 Jul '06, 8:58am

you can see here why they are closed
http://www.phpportals.com/forums/index.php

EAH VBPortal is Hacked By R00T[ATI] & SecAnalyst

We have Informed you about a hole in the vbportal webApp
But no one didn't answer our mails , it means this site doesn't have any 0WN3R
if the site doesn't have any 0WN3R so who had change configuration of the Apache?

**firewire** · Wed 26 Jul '06, 9:03am

The email (I got one, too) is indeed originating from the www.vbportal.com / www.phpportals.com server. Looks like they have been hacked.
The fact the hackers were emailing all registered users at the vbportal.com forum proves they had access to the user database, which means your email address plus forum password.

I'd advice you to change your password anywere you are using the same user/password combination as on vbportals.com/phpportals.com

It is not very unlikely the email address you are using at that forum will be getting a lot of spam soon.

What troubles me most is the hackers' statement:

We have Informed you about a hole in the vbportal webApp
But no one didn't Ask our mails , it means this site doesn't have any 0WN3R
if the site doesn't have any 0WN3R so who had change configuration of the Apache?

If they are right means the vbportal.com/phpprotals.com server admins didn't do their homework at all, and they even neglected their users's privacy and data protection. Shame on them.

**centris** · Wed 26 Jul '06, 9:18am

I got the same mail. Have closed my portal but left forums open for now till I find out more. I would not be surprised if this were a Ajax issue.

**Dean C** · Wed 26 Jul '06, 9:20am

Doesn't look like they've done much other than highlight a vulnerability

**WurkAnimal** · Wed 26 Jul '06, 9:24am

http://www.google.co.uk/search?hl=en...ch&sa=N&tab=iw

Google's picking that name up.

**firewire** · Wed 26 Jul '06, 9:28am

I am amazed to see nobody is worried about their email address and password has got into the hands of a hacker...

**centris** · Wed 26 Jul '06, 9:36am

Originally posted by firewire View Post

I am amazed to see nobody is worried about their email address and password has got into the hands of a hacker...

The password can be changed as can the email address, however these must have been pulled from the vbulletin database RIGHT? So we all should be worried until the issue is resolved.

**Dean C** · Wed 26 Jul '06, 9:49am

Originally posted by firewire View Post

I am amazed to see nobody is worried about their email address and password has got into the hands of a hacker...

They can't get anyones password.

**ixian** · Wed 26 Jul '06, 9:55am

Originally posted by Dean C View Post

They can't get anyones password.

You really believe that weak encryption is going to stop someone who has access to the database?

Don't stick your head in the sand, use common sense and change your passwords. What's it really going to hurt?

I got the same email, btw - thanks vbportals!

**Dean C** · Wed 26 Jul '06, 9:57am

Okay than Ixian, you bruteforce a twice md5 encrypted password with a salt and get back to me when you've cracked it...

**ixian** · Wed 26 Jul '06, 10:00am

That's right, ignore the point of my post, which is to follow best security practices and change your password as a precaution, and focus on being "right". I never said *I* could break it, but I don't doubt for a minute that someone else can. That, however, is a pointless debate, so I'll just call it now:

Congratulations you win at the internet! Your prize is not in the mail.

Announcement

vbportal?

vbportal?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment