OMG My vBulletin Forum Hacked

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • v7web
    Member
    • Dec 2008
    • 57
    • 3.8.x

    OMG My vBulletin Forum Hacked

    I have just tried to log into my forum and found that it has been hacked.
    My password wasn't recognised, when I tried to get a new password sent my email was not recognised.
    So I logged into my host cPanel and checked the user database. I found that someone had changed the admin email and password.

    Anyone else had this? and are vBulletin aware of this major security floor ( i am running vBulletin® Version 3.8.3)
  • sportsfi
    Senior Member
    • Oct 2008
    • 709
    • 3.8.x

    #2
    some times it is not the fault of vBulletin... no matter how often people wish to blame them for the world ending, accounts being hacked, global warming and everything else that is wrong in the world.

    Maybe your account was hacked because you used a basic password that was easy to hack. Maybe you have had a key logger installed in on your computer which sends the hacker absolutely everything you ever type hence them able to get in, maybe it was a ddos attack, maybe your cpanel was hacked....

    Not everything is a security flaw with vBulletin contact your hosts ask for an ip log to see who has gotten in, get them to reset your passwords, install a backup of your forums and then improve your sites security change the folder of the admincp remembering to update the php files to corrospond, maybe change your password - but one thing is for sure don't keep blaming vBulletin because you don't take the steps to protect your site.

    Comment

    • Sir Nick
      Senior Member
      • Sep 2009
      • 363
      • 3.8.x

      #3
      Originally posted by sportsfi
      some times it is not the fault of vBulletin... no matter how often people wish to blame them for the world ending, accounts being hacked, global warming and everything else that is wrong in the world.

      Maybe your account was hacked because you used a basic password that was easy to hack. Maybe you have had a key logger installed in on your computer which sends the hacker absolutely everything you ever type hence them able to get in, maybe it was a ddos attack, maybe your cpanel was hacked....

      Not everything is a security flaw with vBulletin contact your hosts ask for an ip log to see who has gotten in, get them to reset your passwords, install a backup of your forums and then improve your sites security change the folder of the admincp remembering to update the php files to corrospond, maybe change your password - but one thing is for sure don't keep blaming vBulletin because you don't take the steps to protect your site.
      Like he said.

      You need to come up with a password that has around 8-16 characters that you can remember. Mix it up use letters with some numbers. Like say you live on maplestreet and your house is 3182 make your pass Maplestreet3182 Or something like that. I tend to stick with that or something close to that on forums i have a feeling i am a target to get hacked.

      Comment

      • 1QuickSI
        Senior Member
        • Oct 2001
        • 881
        • 4.2.5

        #4
        Norton™ provides industry-leading antivirus and security software for your PC, Mac, and mobile devices. Download a Norton™ 360 plan - protect your devices against viruses, ransomware, malware and other online threats.
        -----------------------------------------------------------
        Running custom version of vBulletin based on v4.2.5
        PHP 7.4.14 :: MariaDB 10.5.8

        Comment

        • borbole
          Senior Member
          • Feb 2010
          • 3074
          • 4.0.0

          #5
          Also upgrade to the latest version of vbulletin. And ask your host to check their access logs as that will tell how the hackers got in your forum.

          Comment

          • v7web
            Member
            • Dec 2008
            • 57
            • 3.8.x

            #6
            Originally posted by sportsfi
            some times it is not the fault of vBulletin... no matter how often people wish to blame them for the world ending, accounts being hacked, global warming and everything else that is wrong in the world.

            Maybe your account was hacked because you used a basic password that was easy to hack. Maybe you have had a key logger installed in on your computer which sends the hacker absolutely everything you ever type hence them able to get in, maybe it was a ddos attack, maybe your cpanel was hacked....

            Not everything is a security flaw with vBulletin contact your hosts ask for an ip log to see who has gotten in, get them to reset your passwords, install a backup of your forums and then improve your sites security change the folder of the admincp remembering to update the php files to corrospond, maybe change your password - but one thing is for sure don't keep blaming vBulletin because you don't take the steps to protect your site.

            Nothing to do with vBulletin eh?
            So that's why we get updates like the one below then.....



            Spoke to my host and they showed me that the hack was via my vBulletin database and entry was NOT from cPanel

            Comment

            • borbole
              Senior Member
              • Feb 2010
              • 3074
              • 4.0.0

              #7
              Originally posted by v7web
              Nothing to do with vBulletin eh?
              So that's why we get updates like the one below then.....



              Spoke to my host and they showed me that the hack was via my vBulletin database and entry was NOT from cPanel
              That was for vb 4.0.2 btw whereas you are using vb 3.8.3 which is an out dated version btw. It would be eset to upgrade your forum to the latest version, be that of the 4x branch or of 3x one.

              Comment

              • ChopSuey
                Senior Member
                • Apr 2009
                • 1164
                • 4.0.0

                #8
                NVM Looks like you've migrated to mybb. xD
                Last edited by ChopSuey; Tue 23 Feb '10, 2:11am.

                Comment

                • Trevor Hannant
                  vBulletin Support
                  • Aug 2002
                  • 24325
                  • 5.7.X

                  #9
                  And how did they get to your database? Are you on shared hosting or dedicated?
                  Vote for:

                  - Admin Settable Paid Subscription Reminder Timeframe (vB6)
                  - Add Admin ability to auto-subscribe users to specific channel(s) (vB6)

                  Comment

                  widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                  Working...