vBulletin Forums Breached: Dark Web Sale of Millions of Accounts
[[{“value”:”
vBulletin, a widely used forum software, has been compromised, potentially exposing millions of user accounts.
The breach was facilitated by a software vulnerability, specifically affecting versions 4.2.2 and 4.2.3.
The Forumrunner add-on was pinpointed as the weak link that allowed attackers to perform SQL Injection attacks.
The Vulnerability
The issue’s core lies in an SQL Injection vulnerability reported to the vBulletin team.
SQL Injection is an attack that allows attackers to execute malicious SQL commands in a web application’s database.
It can lead to unauthorized access to sensitive data, including user credentials, personal information, etc.
This particular vulnerability was found in the Forumrunner add-on of vBulletin 4, a component used to optimize forums for mobile devices.
Have I Been Pwned recently tweeted that the vBulletin forum suffered a data breach, compromising 2.6 million records.
New breach: The forum for GSM-Hosting had 2.6M records breached in August 2016 and sold with 2 dozen other hacked websites. Data included email and IP address, username and salted MD5 password hash. 74% were already in @haveibeenpwned. Read more: https://t.co/Uebg30mtlZ
— Have I Been Pwned (@haveibeenpwned) March 27, 2024
Immediate Response
Upon discovery, the vBulletin team acted swiftly to mitigate the risk posed by this vulnerability.
Security patches for vBulletin versions 4.2.2 and 4.2.3 were released to address the issue. The patches are identified as:
vBulletin 4.2.2 Patch Level 5
vBulletin 4.2.3 Patch Level 1
Users of the affected versions are urged to apply these patches immediately to secure their forums against potential attacks.
Furthermore, the release of vBulletin 4.2.4 Beta 2 includes the necessary fix, offering an additional upgrade path for users seeking to protect their platforms.
To secure their forums, vBulletin administrators should download the appropriate patch for their version and upload all files from the zip file to their server, ensuring to overwrite the existing files.
For those running versions of vBulletin 4 older than 4.2.2, a standard upgrade to the latest version is recommended, which would inherently include the security fixes.
Broader Implications
The breach has raised concerns over the security of forum software and the potential for sensitive user data to be compromised and sold on the dark web.
Millions of accounts could be at risk, underscoring the importance of timely updates and patches in safeguarding digital platforms.
This incident serves as a stark reminder of the ever-present threat of cyberattacks and the need for web administrators to be constantly vigilant.
The vBulletin team’s prompt response in releasing patches demonstrates a commitment to security and highlights the ongoing battle against cyber threats.
vBulletin users are strongly advised to take immediate action to update or patch their software to protect against this vulnerability.
The incident underscores the critical importance of cybersecurity measures in protecting user data and maintaining trust in digital platforms.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter
The post vBulletin Forums Breached: Dark Web Sale of Millions of Accounts appeared first on Cyber Security News.
“}]]
Cyber Security News