Register Members List Search Today's Posts Mark Forums Read

Closed Thread
 
Thread Tools
  #91  
Old 17 Nov 2013, 13:02
findingpeace's Avatar
findingpeace findingpeace is offline
 
Join Date: Nov 2011
Originally Posted by ozzy47 View Post
No if you have the latest release, and deleted your install directory, you are fine.
Thank you, ozzy!

--------------- Added 17 Nov 2013 at 14:12 ---------------

Hi, upon entering this subforum (vB4 General Discussions), I was prompted with a password popup saying I needed to authenticate myself. Was this a server glitch, or is there still some sort of malicious / phishing code on the servers?

Thanks

--------------- Added 17 Nov 2013 at 14:13 ---------------

Here is a screenshot



--------------- Added 17 Nov 2013 at 14:14 ---------------

This is actually happening whenever I load any subforum. The rest of the site (threads, forum home, etc) don't seem to be effected.
  #92  
Old 17 Nov 2013, 14:20
qpurser qpurser is offline
 
Join Date: Aug 2011
Got the same here since this morning.
  #93  
Old 17 Nov 2013, 14:21
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Aug 2009
Real name: Chris
I would not enter anything in that box till we know what is going on.
__________________
You can get access to my 180 mods for vB 3.6 - 4.x at The Admin Zone as well as the professional support you are used to. New vBulletin Spider Definitions, vBulletin Spiders List Hits 1000 Spiders! ​ OzzModz down. Site has had a data breach, checking how the intrusion happened. Change your PW if you use the same one on my site and others.
  #94  
Old 17 Nov 2013, 17:20
Disco_Dave's Avatar
Disco_Dave Disco_Dave is offline
 
Join Date: May 2011
I had it also, seems to have gone now.
__________________
www.nirc.co.uk
  #95  
Old 17 Nov 2013, 17:22
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Aug 2009
Real name: Chris
Yeah I believe Lynne deleted the announcement that was causing the issue.
__________________
You can get access to my 180 mods for vB 3.6 - 4.x at The Admin Zone as well as the professional support you are used to. New vBulletin Spider Definitions, vBulletin Spiders List Hits 1000 Spiders! ​ OzzModz down. Site has had a data breach, checking how the intrusion happened. Change your PW if you use the same one on my site and others.
  #96  
Old 17 Nov 2013, 17:25
Disco_Dave's Avatar
Disco_Dave Disco_Dave is offline
 
Join Date: May 2011
Cool
__________________
www.nirc.co.uk
  #97  
Old 17 Nov 2013, 18:03
Chris8's Avatar
Chris8 Chris8 is offline
 
Join Date: Nov 2009
I have only asked for the details for which I believe I have the right as the customer who paid for the licenses and I have only pointed to the things you wrote yourself not assuming for sure anything. But you removed it from my post. Wow... you are hilarious vb team. The customer data is now stolen in a 3rd party hands and you try to silent CUSTOMERS who just ask for some details/support. Way to go... huh. Not nice.
__________________
  #98  
Old 17 Nov 2013, 18:06
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Aug 2009
Real name: Chris
If you feel you need clarification on Paul's decision, please do so in private.
  1. Staff decisions are final. Ultimately, staff has complete discretion over what is and is not acceptable on the site.
  2. Public discussions of staff decisions are not permitted on the site. If you have any concerns or queries relating to a staff decision, please take it up in private with a member of the site administration team.
__________________
You can get access to my 180 mods for vB 3.6 - 4.x at The Admin Zone as well as the professional support you are used to. New vBulletin Spider Definitions, vBulletin Spiders List Hits 1000 Spiders! ​ OzzModz down. Site has had a data breach, checking how the intrusion happened. Change your PW if you use the same one on my site and others.
  #99  
Old 17 Nov 2013, 18:13
Chris8's Avatar
Chris8 Chris8 is offline
 
Join Date: Nov 2009
I think a bit of some good manners applies to everyone, no?
__________________
  #100  
Old 17 Nov 2013, 18:36
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Originally Posted by Chris8 View Post
The customer data is now stolen in a 3rd party hands
That's not known for sure. Read paul's posts, what he says is what they know. he never said the customer data is in 3rd party hands.
  #101  
Old 17 Nov 2013, 18:53
findingpeace's Avatar
findingpeace findingpeace is offline
 
Join Date: Nov 2011
Originally Posted by Max Taxable View Post
That's not known for sure. Read paul's posts, what he says is what they know. he never said the customer data is in 3rd party hands.
Doesn't this post from Paul mean customer data is in 3rd party hands?

They then appear to have cracked a mysql user password for the Live DB server, and used it (via adminer) to read the vb.com and vb.org user tables.
Apologies if I'm misreading, but if they read the user tables, then it's also likely they now have the data, right? Even if it's encrypted, that's a little scary to me. I hate the idea of my email address with a bunch of hackers. Freaks me out.
  #102  
Old 17 Nov 2013, 18:58
Max Taxable's Avatar
Max Taxable Max Taxable is offline
 
Join Date: Feb 2011
Originally Posted by findingpeace View Post
Doesn't this post from Paul mean customer data is in 3rd party hands?



Apologies if I'm misreading, but if they read the user tables, then it's also likely they now have the data, right? Even if it's encrypted, that's a little scary to me. I hate the idea of my email address with a bunch of hackers. Freaks me out.
Yes thanks for pointing that out, that slipped by me. My apologies. It sure does sound like he is saying that.
  #103  
Old 17 Nov 2013, 19:00
Digital Jedi's Avatar
Digital Jedi Digital Jedi is offline
 
Join Date: Oct 2006
Real name: Mark Daniel Martinez
Originally Posted by findingpeace View Post
Doesn't this post from Paul mean customer data is in 3rd party hands?



Apologies if I'm misreading, but if they read the user tables, then it's also likely they now have the data, right? Even if it's encrypted, that's a little scary to me. I hate the idea of my email address with a bunch of hackers. Freaks me out.
Nope, Paul said that they targeted the user tables. The forum. Not customer data. Not the same thing.
__________________
  #104  
Old 17 Nov 2013, 19:02
findingpeace's Avatar
findingpeace findingpeace is offline
 
Join Date: Nov 2011
Originally Posted by Digital Jedi View Post
Nope, Paul said that they targeted the user tables. The forum. Not customer data. Not the same thing.
Well I am a vBulletin customer, and it is my data I get what you are saying though, I'm just being a spaz - at least it's not our credit card or license info.
  #105  
Old 17 Nov 2013, 21:09
Chris8's Avatar
Chris8 Chris8 is offline
 
Join Date: Nov 2009
But the thing that is essentially concerning me now the most here in this whole mess actually is:
Supposedly if they had access to write/modify files on vb.com and vb.org servers (By the way, isn't it the same server? Or Vb.com is on separate server from Vb.org?) are all downloadable scripts, mods, templates safe? I mean, assuming they had that access they could for example change certain mods or themes code to put vulnerabilities into them so they can hack other websites powered by vbulletin later.

So, ideally if vb staff knows they had such access vb staff should do the diff of all downloadable content against the backups from the time before it happened to make sure people are safe when downloading and installing new content on their forums/servers.
Also I would be more calm if they (you - I guess people in charge/responsible for vb here read this) could make a statement assuring your customers that everything is safe and nothing was modified or if there was anything modified that you took care to fix it.
__________________
Closed Thread

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mad-Silence styles Rafdin vBulletin 3.7 Styles 9 01 Dec 2008 08:37



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 00:07.

Layout Options | Width: Wide Color: