The vBulletin forums software has been breached, with hackers stealing customers’ password data. The breach – the latest in a series relating to vBulletin – could affect thousands of sites which use the popular bulletin board platform.
vBulletin staff have reset all passwords on its own user forum following evidence of the breach, but the software was in use at many other Internet sites, including MacRumors, where an attacker stole around 860,000 passwords last week, and Ubuntu Forums where an attack in July exposed 1.8 million user accounts. There are now fears that other vBulletin-based forums may also be exposed to danger.
One hacker group, Inj3ct0r, claimed on its Facebook page to have been behind both the MacRumors and vBulletin hacks. The group’s statement claims: “We found a critical vulnerability in vBulletin all versions 4.x.x and 5.x.x.”
The group then offers a link to its site, where users are invited to pay for a patch, and justifies its actions, saying somewhat nonsensically: “We wanted to prove that nothing in this world is not safe”.
vBulletin, which is owned by Internet Brands, has not spoken about the wider danger, but has moved to secure its own bulletin board.
“Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password,” it told users in a post on the vBulletin forum. “Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password. We apologise for any inconvenience this has caused but felt that it was necessary to help protect you and your account.”
Security experts have been critical of vBulletin for some time. Brian Krebs in August warned that thousands of vBulletin sites had been hacked because their owners missed a crucial memo from the software maker, detailing a vulnerability that users could leave open if they did not delete the “install” directory.
In 2011, game company Valve Software’s forums were breached because the company had not upgraded to the latest version of vBulletin.