Site hacked, can someone please help?
Collapse
This topic is closed.
X
X
-
My site too was hacked by Team Animus, however, they only defaced my site. I found the following on my site;
Hacker SQL injected admin user with userid 13371337.
Moved all Admins to Members.
Banned all Admins.
Changes all user titles to 'Hacked By Team Animus'
Turned board offline.
I found no trace of vba.php anywhere on my server nor any other evidence of any changes.
I too was using the Advanced Registration mod.Comment
-
For those that aren't already doing it, you may want to create a backup job for your database to run at least once per day. There is a shell script in the do_not_upload folder of the ZIP file which can be used by a Cron job you setup on the server. Alternatively, if you don't have access to create Cron jobs, try something like this:
Comment
-
Does anyone know how they're hacking the websites, and what we need todo to completely stop it?
Or is VB going to be the next joke-forum which gets hacked all around the globe?Comment
-
MARK.B
vBulletin Support
------------
My Unofficial vBulletin 6.0.0 Demo: https://www.talknewsuk.com
My Unofficial vBulletin Cloud Demo: https://www.adminammo.comComment
-
Comment
-
The vB support team are also asking that anyone still struggling should raise a support ticket to them.MARK.B
vBulletin Support
------------
My Unofficial vBulletin 6.0.0 Demo: https://www.talknewsuk.com
My Unofficial vBulletin Cloud Demo: https://www.adminammo.comComment
-
im trusted Valter and you Paul M and using many 3rd party tools on my site/forum.
but this security risks/bugs/exploits is very bad for me (not have time to install and setup again my site/forum for begin if anyone hacked).
i am spend money to buy VB licence 3.x and 4.x
now using VB 3.x but if hacked i am uninstall anything for VB 3.x and install / setup VB 4.x without any mod.Comment
-
One of my vb sites was hacked as well & yes I was running suspected addon but, that means nothing. And I had it back up and running within 45 mins with a backup.
The question I have yet to see asked is how all the vb sites were hacked at the same time or how a script was set up and ran to do them all over a short period of time & where they got their info to know who all was running the suspected addon.
I do not believe it was Valters mod at all!
We all know the staff changes vbulletin has gone through & the creation of xenforo and the bad blood between the two.
Could this be a way to get people to dis-trust vbulletin and switch over? Just a thought. Think about it...
How many sites reported they were hacked?
I honestly believe this was an internal issue, (within vbulletin.com) I mean who else has access to know who is running what?
I could go on with other conspiracy theorys....but, something just ain't right about this whole mess...Comment
-
During the attack I didn't see anything different than what's described in this thread, so hopefully that's the extent of it.~ Life isn't always fair, but you can be. ~Comment
-
There has not been a single forum reported hacked by these people not running the mod in question. When investigated the mod had a flaw that could exactly allow this kind of attack. Unless we talk to the actual hacker (and believe him) we can never be 100% sure but what we do know is good enough for me.
This was a very popular mod, over 14,000 downloads someone mentioned... It is also an important mod for larger communities. I'd imagine if you tried 5 active VB 3.x forums at random you'd find 1 running it. It wouldn't be hard to make a list of who runs it and exploit it. Also if the hacker has access to vBulletin.org he could see anyone who posted in the mod thread and follow links in their signatures or profile to their sites and make a list that way.
vBulletin Solutions/IB/ or XF had nothing to do with this. Believe me I believe A LOT of conspiracies but this was just a mod with a flaw that went unnoticed for a long time.Last edited by BirdOPrey5; Fri 6 May '11, 7:41am.👍 1Comment
-
There has not been a single forum reported hacked by these people not running the mod in question. When investigated the mod had a flaw that could exactly allow this kind of attack. Unless we talk to the actual hacker (and believe him) we can never be 100% sure but what we do know is good enough for me.
This was a very popular mod, over 14,000 downloads someone mentioned... It is also an important mod for larger communities. I'd imagine if you tried 5 active VB 3.x forums at random you'd find 1 running it. It wouldn't be hard to make a list of who runs it and exploit it. Also if the hacker has access to vBulletin.org he could see anyone who posted in the mod thread and follow links in their signatures or profile to their sites and make a list that way.
vBulletin Solutions/IB/ or XF had nothing to do with this. Believe me I believe A LOT of conspiracies but this was just a mod with a flaw that went unnoticed for a long time.Comment
Related Topics
Collapse
-
I just signed up for vbulletin. It is used in a lot of gaming communities. I am trying to build my own community and now have enough members to justify building a forum. So I know alot of the clans/gaming...
-
Channel: vB Cloud Support & Troubleshooting.
Wed 7 Jun '17, 8:25am -
Comment