3.8.6 Hacked

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • 3.8.6 Hacked

    I upgraded to 3.8.6 this week and was hacked last night. I read here about an exploit. I downloaded the 3.8.6 upgrade from the members area. Did that not have the latest security updates as part of it or should I have gotten another file somewhere to install after?

    Update: My upgrade was two days before the release of the security patch. If an email was sent out, I never received it.
    Last edited by TitanJeff; Sat 24th Jul '10, 8:41am.

  • #2
    If you were hacked due to the exploit you should be OK if you change your mysql login info, and to be overly safe your admin account passwords... they shouldn't have had access to the file system, if they did the hack probably had nothing to do with the exploit, which it likely did not.

    • #3
      Thanks for your reply. I've sent you a PM.

      • #4
        What type of hack was it? Also you should ask your host to check out the access logs to see what went down exactly.

        • #5
          It looks like he was hacked due to the exploit. I don't want to share more info than that; if he wants to, he will.

          • #6
            Read the 3.8.6 PL1 announcement, and make sure the phrase is no longer in the system by running the delete query.
            However, restore to your backup prior to the hack, then patch it, and you're fine.

            • #7
              Let's just say I upgraded two days before the security patch and never got an email (I've not been getting emails from vB for quite some time) that a problem existed.

              I have a backup from a couple of weeks back but lost about 50+ hours of template modifications and other work. I had also paid someone for their assistance.

              But... I still have my health!

              • #8
                Originally posted by BirdOPrey5:
                If you were hacked due to the exploit you should be OK if you change your mysql login info, and to be overly safe your admin account passwords...
                I had a couple users write in, and one of them cut and pasted my db details that he pulled off his screen. After patching I created a new database and mysql user just to be sure.

                • #9
                  Originally posted by M_K:
                  I had a couple users write in, and one of them cut and pasted my db details that he pulled off his screen. After patching I created a new database and mysql user just to be sure.
                  Yeah, def. change those details after patching. And yes, that's the 3.8.6 exploit, where they disclose the db details.

                  • #10
                    Originally posted by M_K:
                    I had a couple users write in, and one of them cut and pasted my db details that he pulled off his screen. After patching I created a new database and mysql user just to be sure.
                    I emailed the admins of the forums I tested... some emails came back undeliverable. Oh well.

                    • #11
                      I didn't notice any notification in the admin panel about this. Was one done?

                      • #12
                        Yes, it was there... your hackers may have dismissed it.

                        • #13
                          Got the old database restored (back to 3.7.3). My css is messed up now. Anything I can do so that it can find the old style? Thanks.

                          http://www.gotitans.com/goForum/

                          • #14
                            If the .css was stored in a file then restoring the database won't bring that back unfortunately... unless you have a file backup from about the same time you may need to redo the css manually. I'd suggest upgrading to 3.8.6 PL1 before wasting time with the css in an old version.

                            • #15
                              I don't understand. I was using the same template before and after the upgrade. None of the other templates are functioning properly either.
