vBulletin (vB)
is internet forum software widely used by website owners. Lately,
a critical vulnerability in old versions of the software has allowed
attackers to breach any forum that has not been updated to the
latest version.
Recently, a hacker going by the online handle “CrimeAgency”
on Twitter has claimed to have hacked 126 vBulletin (vB) based web
forums, stealing the personal data of the forums’ administrators and registered
users and leaking it on an underground hacking forum. The data was
scanned by the online data mining and breach notification platform
Hacked-DB.
The data has been uploaded to hacking forums in .txt files. The hack was conducted between January
and February 2017, during which 819,977 user accounts were stolen from the
vulnerable forums. The stolen data includes email addresses, hashed
passwords, and 1,681 unique IP addresses; the email count by
domain is Gmail: 219,324 accounts, Outlook: 11,070 accounts, Yahoo:
108,777 accounts and Hotmail: 121,507 accounts.

Screenshot shows emails and hashed passwords of users

An overall majority of the hacked
forums run vBulletin 4.x, which is exposed to multiple
security vulnerabilities including SQL injection. According to the vBulletin support forums, the issue was reported in June 2016:
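To show what the “hashed passwords” in such a dump mean in practice, here is an added Python example; it is not code from this article, from vBulletin or from Hacked-DB. vBulletin 3.x and 4.x store a password as md5(md5(password) + salt) with a short per-user salt. The accounts, salts, dump lines and wordlist below are all constructed for the example, and the email:hash:salt line layout is an assumption about how such files are usually posted. The code parses the lines, tallies accounts per email domain the way the figures above were produced, and recovers every password that appears in a small wordlist.

```python
import hashlib
from collections import Counter


def vb_hash(password, salt):
    # vBulletin 3.x/4.x scheme: md5(md5(password) + salt), hex-encoded lowercase.
    inner = hashlib.md5(password.encode("utf-8")).hexdigest()
    return hashlib.md5((inner + salt).encode("utf-8")).hexdigest()


# Constructed sample accounts (email, plaintext, 3-character salt). The hashes are
# derived below so the example is self-contained; none of this is real breach data.
_SAMPLE_ACCOUNTS = [
    ("alice@gmail.com", "password", "A1b"),
    ("bob@hotmail.com", "letmein", "Zz9"),
    ("carol@yahoo.com", "Tr0ub4dor&3", "q7Q"),
    ("dave@gmail.com", "123456", "m0M"),
]


def build_sample_dump():
    # Emulates the assumed "email:hash:salt" text layout of a leaked .txt file.
    return "\n".join(f"{e}:{vb_hash(p, s)}:{s}" for e, p, s in _SAMPLE_ACCOUNTS)


def parse_dump(text):
    # Returns (email, hash, salt) tuples; blank or malformed lines are skipped.
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.count(":") != 2:
            continue
        email, digest, salt = line.split(":")
        records.append((email.lower(), digest.lower(), salt))
    return records


def domain_counts(records):
    # Accounts per email domain, as in the Gmail/Outlook/Yahoo/Hotmail figures above.
    return Counter(email.rsplit("@", 1)[1] for email, _, _ in records)


# Constructed mini wordlist; a real attack would use millions of candidates.
WORDLIST = ["123456", "password", "qwerty", "letmein", "welcome"]


def crack(records, wordlist):
    # The salt differs per account, so each record is attacked separately, but two
    # MD5 calls per candidate are cheap enough that this scales to huge wordlists.
    found = {}
    for email, digest, salt in records:
        for candidate in wordlist:
            if vb_hash(candidate, salt) == digest:
                found[email] = candidate
                break
    return found


if __name__ == "__main__":
    recs = parse_dump(build_sample_dump())
    print(domain_counts(recs))
    print(crack(recs, WORDLIST))
```

The per-user salt rules out precomputed tables, but it does nothing against a straight dictionary attack, because two MD5 computations per guess run at billions of candidates per second on a commodity GPU. Anyone with an account on one of the listed forums should treat the password as exposed and change it everywhere it was reused.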
“A security issue was reported to
us that affects vBulletin 4. We have released security patches for
vBulletin 4.2.2 & 4.2.3 to account for this vulnerability. The issue
could potentially allow attackers to perform SQL Injection attacks via
the included Forumrunner add-on. It is recommended that all users update
as soon as possible. If you’re using a version of vBulletin 4 older
than 4.2.2, it is recommended that you upgrade to the latest version as
soon as possible.”
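As an added illustration of the bug class the advisory describes (this is not Forumrunner’s code and not an exploit for it), the following Python example uses an in-memory SQLite database: a thread lookup that pastes the request parameter into the SQL text lets a UNION payload pull usernames, password hashes and salts out of the user table, while the parameterised version returns nothing for the same input. The table and column names and the sample rows are constructed for the example.

```python
import sqlite3

# Constructed sample rows standing in for a forum database; not data from any real site.
THREAD_ROWS = [(1, "Welcome to the forum"), (2, "Rules")]
USER_ROWS = [
    ("admin", "admin@example.org", "7f6a0e0b1e35d2cf0d2d7e8b9f1a2c3d", "a1b"),
    ("alice", "alice@example.net", "c2b1a0f9e8d7c6b5a4f3e2d1c0b9a8f7", "x9z"),
]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE thread (threadid INTEGER, title TEXT)")
    conn.execute("CREATE TABLE user (username TEXT, email TEXT, password TEXT, salt TEXT)")
    conn.executemany("INSERT INTO thread VALUES (?, ?)", THREAD_ROWS)
    conn.executemany("INSERT INTO user VALUES (?, ?, ?, ?)", USER_ROWS)
    return conn


def thread_title_vulnerable(conn, thread_id):
    # The request parameter is concatenated into the SQL text, so it can carry SQL.
    sql = "SELECT title FROM thread WHERE threadid = " + str(thread_id)
    return [row[0] for row in conn.execute(sql)]


def thread_title_safe(conn, thread_id):
    # Allow-list the type first, then bind the value; the SQL text never changes.
    try:
        tid = int(thread_id)
    except (TypeError, ValueError):
        return []
    sql = "SELECT title FROM thread WHERE threadid = ?"
    return [row[0] for row in conn.execute(sql, (tid,))]


# A UNION payload that appends the user table's credentials to the result set.
PAYLOAD = "1 UNION SELECT username || ':' || password || ':' || salt FROM user"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", thread_title_vulnerable(db, PAYLOAD))
    print("safe:      ", thread_title_safe(db, PAYLOAD))
```

Binding the parameter is what closes the hole. Escaping quotes would not have helped here, because the injected value sits in a numeric context with no quotes around it, which is why validating the expected type (an integer id) matters alongside the prepared statement.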
Websites running vBulletin can be easily identified using Google dorks, for example by searching for the “Powered by vBulletin” footer string, which also reveals the installed version.
However, it appears that many administrators are still running outdated versions
of vBulletin, resulting in a large-scale data breach. Last year, several
high-profile forums suffered massive data breaches due to the very same
security flaw, and all of them were running outdated
versions of the vBulletin software.
The list of hacked forums is available on Pastebin. Note that some of the forums on the list are NSFW.

The forums targeted last year include Clash of Clans developer Supercell, Clash of Kings, the Pakistani automotive giant PakWheels, the adult website Brazzers, Epic Games, ClixSense, the hacking and trading forum w0rm.ws, Exile Mod games, LifeBoat, and a Grand Theft Auto (GTA) fan forum.

If you are running an outdated version of vBulletin, it is highly recommended that you update your forum to the latest version.