vBulletin informed users last week that all passwords had been reset after one of the vBulletin Germany servers was accessed by an unauthorized party.
vBulletin developer Paul Marsden said all passwords have been reset because the hacker who breached the vBulletin Germany server could have gained access to other vBulletin systems as well, such as vBulletin.com and vBulletin.org. The details of the attack will not be disclosed, but Marsden noted that the incident did not involve any vBulletin exploits. The vBulletin Germany forum does run vBulletin, but it doesn’t appear to have been targeted in this attack.Read more
Malicious actors have been targeting servers running vulnerable installations of the vBulletin forum software via a security hole patched by the developer earlier this month, Symantec warned. According to the security firm, as many as 2,500 daily hack attempts have been observed since November 5.
It appears the attackers have been trying to compromise servers by exploiting a serious vulnerability patched by vBulletin on November 2. Symantec says the attackers are first sending out requests designed to identify vulnerable vBulletin installations. Once a vulnerable server is found, the hackers download a malicious shell script to the compromised machine.Read more