agree 50% with you.
but one is true
official VB say dont use any mod/hack (3rd party utilities) using own risk.
-
I couldn't agree more, and how was it suspected & by whom?Originally posted by Paul M View Post
One of my vb sites was hacked as well & yes I was running suspected addon but, that means nothing. And I had it back up and running within 45 mins with a backup.
The question I have yet to see asked is how all the vb sites were hacked at the same time or how a script was set up and ran to do them all over a short period of time & where they got their info to know who all was running the suspected addon.
I do not believe it was Valters mod at all!
We all know the staff changes vbulletin has gone through & the creation of xenforo and the bad blood between the two.
Could this be a way to get people to dis-trust vbulletin and switch over? Just a thought. Think about it...
How many sites reported they were hacked?
I honestly believe this was an internal issue, (within vbulletin.com) I mean who else has access to know who is running what?
I could go on with other conspiracy theorys....but, something just ain't right about this whole mess...Leave a comment:
-
im trusted Valter and you Paul M and using many 3rd party tools on my site/forum.
but this security risks/bugs/exploits is very bad for me (not have time to install and setup again my site/forum for begin if anyone hacked).
i am spend money to buy VB licence 3.x and 4.x
now using VB 3.x but if hacked i am uninstall anything for VB 3.x and install / setup VB 4.x without any mod.Leave a comment:
-
Just to be clear - while Valters mod is strongly suspected - I have not seen any confirmation that this has been proved - or indeed that every site was even running it.Leave a comment:
-
It's not a bug in vBulletin, it's a security hole in a modification. Inside this thread are instructions on how to patch it (which it basically, updating the modification as the author has released a patched version),and there are also instructions on how to restore your site if you are attacked.Originally posted by SoftDux View Post
The vB support team are also asking that anyone still struggling should raise a support ticket to them.Leave a comment:
-
Does anyone know how they're hacking the websites, and what we need todo to completely stop it?
Or is VB going to be the next joke-forum which gets hacked all around the globe?Leave a comment:
-
i did some cleaning like a lot of you did . and it seem to just keep going and going. LOL. just ran back up . alls well dumped advance rules. lost a few days of post but all is good to go now and done with the searching and trying to fix..Leave a comment:
-
For those that aren't already doing it, you may want to create a backup job for your database to run at least once per day. There is a shell script in the do_not_upload folder of the ZIP file which can be used by a Cron job you setup on the server. Alternatively, if you don't have access to create Cron jobs, try something like this:
http://www.vbulletin.org/forum/showthread.php?t=201319Leave a comment:
-
My site too was hacked by Team Animus, however, they only defaced my site. I found the following on my site;
Hacker SQL injected admin user with userid 13371337.
Moved all Admins to Members.
Banned all Admins.
Changes all user titles to 'Hacked By Team Animus'
Turned board offline.
I found no trace of vba.php anywhere on my server nor any other evidence of any changes.
I too was using the Advanced Registration mod.Leave a comment:
-
Just wanted to chime in with my very large thanks to the knowledgeable posters in this thread who were able to provide solutions. I discovered the hack around 10pm Eastern time last night, and spent 3 hours cleaning up most of the mess, and finished this morning after some sleep. But without this thread I would have been lost. I've never had one of my sites hacked, and never had to deal with any clients whose sites were hacked. My hax0r cherry has been royally popped, and like others have said, it's only made me stronger. Go figure, I applied strong security on client's sites, but never on my own. Well.... that has changed.Leave a comment:
-
We were lucky in that (Australian time) the hack attack occurred in the early morning but after our daily 3am backup.
I changed passwords, I deleted all the newly updated files, I replaced them from original source, restored from the 3am backup - all good.
We only lost a handful of threads and posts, but it was the safest option IMHO.
Lessons?
1. Have a daily backup!
2. Have all the source code safe somewhere else.
3. Take more time to eyeball add-on code
Note: Valter's code has been around for years. NO ONE noticed the problem until now.
It's very easy to visually check all form fields and SQL in an addon; checking that vB cleaning and escape_string have been applied.
We (Admins) all need to be vigilant, no point blaming anyone, TeamAnimus have done us a favour by making us take security seriously (or more so).
Not that I would object to tasking Seal Team 6 onto TeamAnimus
Kym
PS:
+100Originally posted by BirdOPrey5 View Post
Last edited by AusPhotography; Thu 5 May '11, 3:54pm.Leave a comment:
-
I just signed up for vbulletin. It is used in a lot of gaming communities. I am trying to build my own community and now have enough members to justify building a forum. So I know alot of the clans/gaming...Wed 7 Jun '17, 8:25am
Leave a comment: