Announcement

**Trevor Hannant** · Mon 20 Jun '11, 4:51am

What modifications are you running? Have you got proof frm logs that they hacked it via a default script?

**Ramsesx** · Mon 20 Jun '11, 5:28am

That's what google cache told:
4.1.3 vBSEO 3.6.0 RC 2
4.0.2 forum.seo.com
4.1.3 SEO by vBSEO
4.x
4.1.2 vBSEO 3.5.0 RC2
4.1.0
4.x
4.1.1
4.x
4.1.4

Some have vbseo but not all. There must be a strange securtiy issue.

**PondPikey** · Mon 20 Jun '11, 5:38am

Same problem...

**Ramsesx** · Mon 20 Jun '11, 5:43am

Originally posted by PondPikey View Post

Same problem...

This link gives me a malware warning, don't recommend to click it.

**PondPikey** · Mon 20 Jun '11, 5:46am

Apologies, removed link.

Damn I am so angry at the moment. REMOVED vbulletin. Steaming pile of poo.

**Trevor Hannant** · Mon 20 Jun '11, 5:54am

Originally posted by PondPikey View Post

Apologies, removed link.

Damn I am so angry at the moment. REMOVED vbulletin. Steaming pile of poo.

Yes, of course it is...

**borbole** · Mon 20 Jun '11, 6:10am

From that list almost all forums are running older version of vb. Anyway, I don''t think there is any known security issue found with the latest version of vb otherwise it would have been all over the net by now.

For those that were hacked, it would be best to submit a ticket at the vb customer area and at their hosts too so both options are investigated.

**Loco.M** · Mon 20 Jun '11, 6:23am

it's it ironic that most those sites are hacking sites themselves, or warez sites..

**Maurd** · Mon 20 Jun '11, 6:31am

I highly advise everyone NOT to click any of the links in Ramsesx's post (#3). The 'GlobalSecurity' link must contain a hidden iframe because after visiting that link three unknown processes where created on my system. It's using Java for the processes which leads me to believe it's probably a part of the blackhole exploit going around ever since the kit was released for free.

The browser was latest stable Chrome.

**Reeve of Shinra** · Mon 20 Jun '11, 6:35am

crazy stuff

**hacksden** · Mon 20 Jun '11, 7:14am

Originally posted by Trevor Hannant View Post

What modifications are you running? Have you got proof frm logs that they hacked it via a default script?

The mods we were running were:

[AJAX] Post Thank You Hack
DownloadsII
[YUI] VSQ - Spoiler
Yet Another Awards System
[Mod-Mall] Google +1 - Googles 'like' equivilent
[v.4.5] MARCO1 Advanced Quick Reply - Advanced Quick Edit - With Smiles!!
Lightweight Style Options for "Lightweight Style
Display Unread Posts and Reputation Comments
VB4 - Mobile Phone / iPhone / PDA Detection and Style Assignment
VSA-Advanced Forum Rules

I'll have to get back to you on the logs.

**meeja** · Mon 20 Jun '11, 7:54am

Advanced Forum Rules did have a security which was patched on May 18th - it's imperative that users mark plugins as installed on vbulletin.org so they know when an exploit is found and patched. If you don't upgrade to the latest patch, it's your fault, not vbulletin's.

**Trevor Hannant** · Mon 20 Jun '11, 7:59am

Originally posted by hacksden View Post

The mods we were running were:

[AJAX] Post Thank You Hack
DownloadsII
[YUI] VSQ - Spoiler
Yet Another Awards System
[Mod-Mall] Google +1 - Googles 'like' equivilent
[v.4.5] MARCO1 Advanced Quick Reply - Advanced Quick Edit - With Smiles!!
Lightweight Style Options for "Lightweight Style
Display Unread Posts and Reputation Comments
VB4 - Mobile Phone / iPhone / PDA Detection and Style Assignment
VSA-Advanced Forum Rules

I'll have to get back to you on the logs.

Are you running fully up to date versions of these, in particular the final one?

**Paul M** · Mon 20 Jun '11, 9:09am

Originally posted by hacksden View Post

[/URL]VSA-Advanced Forum Rules
[/B]

A big [nasty] security hole was found in that, fixed in mid-may, if you didnt have the latest version they could easily hack you.

vBulletin 4 End of Life

Announcement

10 vBulletin Forums Hacked Last Night

[Forum] 10 vBulletin Forums Hacked Last Night

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Related Topics