agree 50% with you.
but one is true
official VB say dont use any mod/hack (3rd party utilities) using own risk.
Announcement
Collapse
No announcement yet.
Site hacked, can someone please help?
Collapse
This topic is closed.
X
X
-
Originally posted by Paul M View PostJust to be clear - while Valters mod is strongly suspected - I have not seen any confirmation that this has been proved - or indeed that every site was even running it.
One of my vb sites was hacked as well & yes I was running suspected addon but, that means nothing. And I had it back up and running within 45 mins with a backup.
The question I have yet to see asked is how all the vb sites were hacked at the same time or how a script was set up and ran to do them all over a short period of time & where they got their info to know who all was running the suspected addon.
I do not believe it was Valters mod at all!
We all know the staff changes vbulletin has gone through & the creation of xenforo and the bad blood between the two.
Could this be a way to get people to dis-trust vbulletin and switch over? Just a thought. Think about it...
How many sites reported they were hacked?
I honestly believe this was an internal issue, (within vbulletin.com) I mean who else has access to know who is running what?
I could go on with other conspiracy theorys....but, something just ain't right about this whole mess...
Leave a comment:
-
im trusted Valter and you Paul M and using many 3rd party tools on my site/forum.
but this security risks/bugs/exploits is very bad for me (not have time to install and setup again my site/forum for begin if anyone hacked).
i am spend money to buy VB licence 3.x and 4.x
now using VB 3.x but if hacked i am uninstall anything for VB 3.x and install / setup VB 4.x without any mod.
Leave a comment:
-
Just to be clear - while Valters mod is strongly suspected - I have not seen any confirmation that this has been proved - or indeed that every site was even running it.
Leave a comment:
-
Originally posted by SoftDux View PostYes I did, and I see a lot of people saying they don't know how it happened. Is there an actual, confirmed bug or fix?
The vB support team are also asking that anyone still struggling should raise a support ticket to them.
Leave a comment:
-
Originally posted by SoftDux View PostDoes anyone know how they're hacking the websites, and what we need todo to completely stop it?
Or is VB going to be the next joke-forum which gets hacked all around the globe?
Leave a comment:
-
Does anyone know how they're hacking the websites, and what we need todo to completely stop it?
Or is VB going to be the next joke-forum which gets hacked all around the globe?
Leave a comment:
-
i did some cleaning like a lot of you did . and it seem to just keep going and going. LOL. just ran back up . alls well dumped advance rules. lost a few days of post but all is good to go now and done with the searching and trying to fix..
Leave a comment:
-
For those that aren't already doing it, you may want to create a backup job for your database to run at least once per day. There is a shell script in the do_not_upload folder of the ZIP file which can be used by a Cron job you setup on the server. Alternatively, if you don't have access to create Cron jobs, try something like this:
http://www.vbulletin.org/forum/showthread.php?t=201319
Leave a comment:
-
My site too was hacked by Team Animus, however, they only defaced my site. I found the following on my site;
Hacker SQL injected admin user with userid 13371337.
Moved all Admins to Members.
Banned all Admins.
Changes all user titles to 'Hacked By Team Animus'
Turned board offline.
I found no trace of vba.php anywhere on my server nor any other evidence of any changes.
I too was using the Advanced Registration mod.
Leave a comment:
-
Just wanted to chime in with my very large thanks to the knowledgeable posters in this thread who were able to provide solutions. I discovered the hack around 10pm Eastern time last night, and spent 3 hours cleaning up most of the mess, and finished this morning after some sleep. But without this thread I would have been lost. I've never had one of my sites hacked, and never had to deal with any clients whose sites were hacked. My hax0r cherry has been royally popped, and like others have said, it's only made me stronger. Go figure, I applied strong security on client's sites, but never on my own. Well.... that has changed.
Leave a comment:
-
We were lucky in that (Australian time) the hack attack occurred in the early morning but after our daily 3am backup.
I changed passwords, I deleted all the newly updated files, I replaced them from original source, restored from the 3am backup - all good.
We only lost a handful of threads and posts, but it was the safest option IMHO.
Lessons?
1. Have a daily backup!
2. Have all the source code safe somewhere else.
3. Take more time to eyeball add-on code
Note: Valter's code has been around for years. NO ONE noticed the problem until now.
It's very easy to visually check all form fields and SQL in an addon; checking that vB cleaning and escape_string have been applied.
We (Admins) all need to be vigilant, no point blaming anyone, TeamAnimus have done us a favour by making us take security seriously (or more so).
Not that I would object to tasking Seal Team 6 onto TeamAnimus
Kym
PS:
Originally posted by BirdOPrey5 View PostActually hacks like this keep us on our toes, like we should be. <snip>
It does bring up some questions about our modding community too... If even some of our most popular mods by our most experienced coders can have these exploits maybe we need to do more than just offer mods as "use at your own risk." - I would like to implement some sort of peer review process for mods, don't know if it's possible but it's worth discussing anyway.
We, as a community, will come out of this stronger than when we went it.Last edited by AusPhotography; Thu 5 May '11, 4:54pm.
Leave a comment:
-
Originally posted by BirdOPrey5 View PostGotcha... so then there was more changes made by this hack than being widely reported.
I've seen users inserted
I've seen shells uploaded
I've seen user titles changed
I've seen plugins added.
I've seen files uploaded.
Leave a comment:
Related Topics
Collapse
-
I just signed up for vbulletin. It is used in a lot of gaming communities. I am trying to build my own community and now have enough members to justify building a forum. So I know alot of the clans/gaming...
-
Channel: vB Cloud Support & Troubleshooting.
Wed 7 Jun '17, 9:25am -
Leave a comment: