Forum software maker vBulletin has been hacked
The forum of forum software developer vBulletin was hacked last weekend. According to reports on the web, the perpetrator obtained the data of nearly half a million users of the forum. The data reportedly includes email addresses and secret questions and answers.
The alleged perpetrator, Coldzer0, is said to be a man named Mohamed Osama, a malware analyst based in Dubai. According to information from Databreaches.net and @Cyber_War_News, he claimed responsibility for the hack in multiple ways, but then deleted his messages. For example, he reportedly posted a video on YouTube in which he recorded the hack, and he also reportedly announced it on Facebook with evidence that he is behind the hack. According to a tweet from a Microsoft security expert, almost 500,000 accounts are said to be involved.
vBulletin, which administers the forum, has not yet released anything about the situation. At the time of writing the website is offline, but the company has not disclosed anything on Twitter. Previously, the vBulletin forum index page was reportedly replaced by the text ‘Hacked By Coldzer0’, but that is no longer the case.
The vBulletin forum runs on version 5 of the software. It’s not clear at this point whether that means all vBulletin 5 forums are vulnerable, but that’s not out of the question. It’s not exactly clear how Osama gained access to vBulletin’s servers, but his screenshots indicate that he was able to gain shell access and browse freely through the system’s directories. Users of the vBulletin forum are advised to change their password there and to check whether they use the same secret Q&A combination elsewhere. In 2013, vBulletin also fell victim to a hack.
Osama claims to @Cyber_War_News that he carried out the same hack on Foxit Corporation’s forums, where he reportedly stole the information of 260,000 accounts. However, that forum is still online and there is no further confirmation of a hack in that case.
Update, Tuesday 03-11, 12.15: vBulletin has announced security updates for versions 5.1.4 through 5.1.9 of vBulletin Connect.