Casinos

Casinos By Status

Popular Filters

By Banking Options

Games

All Games

Bonuses

Popular Bonus Filters

Forums

Popular Forums

Forum User Features

Complaints

Submit A Complaint (PAB)

PAB Rules and Guidelines

Browse PABs

Gambling News

Popular News Sections

vBulletin Hacked - Databases Stolen

mattsgame

mattsgame

Meister Member
webmeister
CAG
Joined
Sep 17, 2009
Location
Out Of Town
So it seems vBulletin was hacked and forced a few people to take down there forums due to fear of it happening to them. Quite scary stuff when you always think vBulletin was always the go to forum software. The other thing which I admit I was not aware of is that vBullentin still uses the MD5 to store passwords, I honestly thought they changed this a while ago.

You can read more here:
You do not have permission to view link Log in or register now.


I would be a touch weary if you are running this software until they release a patch of some sort.
 
Update

There was an update on this.

Update: A spokesman for Internet Brands -- the parent company of vBulletin -- emailed Monday to say the company had dismissed Inj3ct0r Team's claimed discovery of a zero-day vulnerability in the company's online forum software. "Given our analysis of the evidence provided by the Inject0r team, we do not believe that they have uncovered a 0-day vulnerability in vBulletin," read a related blog post from vBulletin's Luke, which was released after the above story ran. "These hackers were able to compromise an insecure system that was used for testing vBulletin mobile applications. The best defense against potential compromises is to keep your system running on the very latest patch release of the software."
Click to expand...
 
I've been following this since it came out. It seems it was the vBulletin servers and not the software that was attacked. If any passwords were compromised it would have been customer and vbulletin forum members' passwords - which have all been changed:

The following is an update regarding the previously reported attack on vBulletin.com and vBulletin.org. The assessment of the attack has been completed and we wish to assure the community of vBulletin site operators and users that such attacks were not due to any inherent security vulnerability in the vBulletin software, including any zero-day vulnerability.

Based on our assessment, the attack was conducted by malicious hackers leveraging log-on data for servers on vBulletin.com and vBulletin.org to unlawfully gain access to user tables. No other vBulletin.com web servers were impacted.

Following discovery of the attack, all administrative and user passwords on vBulletin.com and vBulletin.org were changed. In addition, vBulletin.com and vBulletin.org users were notified of the attack and the need to change their passwords.

We take security matters very seriously and will continue to monitor our servers.
Click to expand...
 

Similar threads

Casinomeister
Looking for moderator volunteers.
Replies
5
Views
2K
Casinomeister
Casinomeister
mellody
when your casino account is closed, always query it
Replies
5
Views
2K
jasonuk
J
snorky510238
Online gambling has become a disgrace for UK players
2
Replies
43
Views
3K
jasonuk
J
S
The OSHI casino stalling tactics
Replies
3
Views
654
Subyzero
S
maxd
A Visit to the Vault From the Pit to the Podium: Phoenix Awards 2011 & 2015
Replies
0
Views
372
maxd
maxd

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Click here for Red Cherry Casino

Meister Ratings

Read about our rating system and how it's done.
Back
Top