Announcement

Collapse
No announcement yet.

Has Anyone Else Been Hacked?

Collapse
X
Collapse
First Prev Next Last
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Has Anyone Else Been Hacked?

    So apparently there was a VB breach. I can no longer access my admin panel. The fix was supposed to be removing files from the /admin file. But mine was empty.

    Im screwed now. I am not technical. I need Glenn. And im concerned something happened to him. I cant even ban members if i had to.

    https://forum.vbulletin.com/forum/vb...-page-is-blank

    #2
    U & me too buddy. Totally lost without him.

    Comment


      #3
      Hmmm,
      Not sure I was looking for a like here but thanks anyway.

      I must say the membership response is a little tardy. Had expected that someone would have some idea of what's happened.
      I thought a family problem may be it since I know he has a young child.

      Oh well, for me I don't yet have my forum open so can wait until he's ready.

      Comment


        #4
        I was too hungover to respond. lol I have no idea what happened to him. I hope hes ok. But i need a VB tech to help me fix all sorts of issues. God forbid one of these plug ins needs help.

        Comment


          #5
          No problem,

          may I ask why you say HACKED.

          I get~ A System Error has occured.

          The software is experiencing a systems error.

          You should attempt to repeat your last action. If this error occurs again, please contact the site administrator.

          AND~ can't get into my admin at all, at all.
          BUT~ not sure if hacked or not.

          Comment


            #6
            No my admin page is just a blank white page. I pay Glenn to update my software etc. I need a VB tech to save my forum.

            This is probably what i have.

            https://arstechnica.com/information-...vbulletin-bug/

            Comment


            • O i O -U too
              O i O -U too commented
              Editing a comment
              I pay him too but for a lot more than just updates.

              Took a look at your link~ AND will get on to my hosts tomorrow, not available on weekends.
              Sure hope that that is NOT what has happened.
              BUT~ know from experience with Glenn that HE could identify the problem immediately AND SO like you will continue to pay him for just these sort of issues

            #7
            Plug ins. 20 themes. Updates. Hes done it all.

            Comment


              #8
              Might I ask what sort of forum you have then?

              Mine only has 1 theme at present BUT~ it looks nothing like a standard forum.

              Comment


                #9
                Its a football forum. For the Los Angeles Chargers

                Comment


                  #10
                  We were hit last week on 9/25. Many others were also hit by the Zero Day vB hack. vB has released a temp patch, but it's no good once you have been hacked.

                  https://forum.vbulletin.com/forum/vb...-5-3-and-5-5-4

                  We tried to recover by restoring our home root directory and our DB from a backup from the week prior, but discovered that it also looked they had messed with files on the servers main OS filesystems. We were fortunate our host provider Hostway was also performing full server backups (almost on a daily bases). We had them recover the whole server and then we were able to get back in, apply the patch, change all DB, FTP passwords. then change the user password expiry duration so it forced all users once they tried to log back in to immediately change their password also.

                  Definitely not a fun experience. Now I hear the patch is a temp fix and vB is supposed to release a more complete patch later. Ugh !

                  Now we fear getting hit again !

                  Comment


                    #11
                    Being that we are on the cloud, I did not notice anything except when they shut the site down to install the patch. Is that a benefit? I would assume they rush to secure those sites asap

                    Comment


                      #12
                      I just paid an arm and a leg to get my site fixed. VB ignored me for days. Im pissed.

                      Comment


                        #13
                        Yeah I was little pissed when the exploit came around. My site was not taken down, but they had killed the AdminCP and installed a mining script on the main hosting server, not within the VB install. This made it very difficult to solve as we could see the mining script process running, but for the life of us could not locate where, neither could the host experts which was highly annoying as they are pro's in this area.

                        In any case, we had to completely format the server and re-configure from the ground up, while annoying, this did mean we had a 100% clean server base to work from. We had to restore the site from backups, which meant we lost 24 hours worth of content, but it was a small price to pay overall. I am hoping this will be the last of powerful exploits we see, no software is perfect but hopefully a gaping hole will not be present in the future. Since the attack, we have upped out own security and the site is now behind a firewall/Anti malware protection to help mitigate smaller attacks, but it would never have helped against the Zero Day exploit due to the nature of the hole in the software so to speak.

                        Alas, we are still recovering but getting there.

                        Comment

                        Working...
                        X