TDF Upgraded - Post bugs here please

[Flash]

Oh. Mine is visible in my system. Maybe it's loading from Cache.
Am able to see avatars of sujay, amjath, gollum, rcuber and harshil's avatar.

 

[amjath]

But not for others.

In this page itself, yours, Rishi's, Gearbox's avatar are not loading.

My post is edited, u see i have issues with forgetting i left "not" in my post

Oh. Mine is visible in my system. Maybe it's loading from Cache.
Am able to see avatars of sujay, amjath, gollum, rcuber and harshil's avatar.

my avatar is not seen any post and my profile too

 

[aaruni]

The hack maybe based on the ads ? since it doesn't affect already logged in users with the other theme.

 

[snap]

some of the members avatars are not visible

 

[Flash]

Time to upgrade the forum software..

 

[amjath]

Time to upgrade the forum software..

checked vbulletin thats a lot of money bro.

 

[Raaabo]

Yes it was hacked. Server files had to be reverted to a backup for a site issue, but unfortunately we went back to a backup that had the install directory as well. Hackers used a known flaw in VB to gain access to the admincp and set up a simple meta refresh for the default skin, which is why logged in members didn't see the redirect. Just another traffic stealing hack, by a script kiddie using a known flaw because of a little carelessness on our part. Apologies.

Don't worry about your passwords or personal data being hacked, because logs show they didn't access anything but the templates to get the redirect. Besides, all data is stored encrypted in vBulletin, so even I cannot read your passwords, though I can change them to something else. Theoretically, I could try and bruteforce your password using the encrypted hash that's stored in the database, but it would take about 10 years computing time per user, so certainly not worth the effort

vBulletin is secure and no worries. However, it does leave us with an egg in the face for overlooking something as simple as the install folder

For those interested in the vulnerability:
Potential vBulletin Exploit (vBulletin 4.1+, vBulletin 5+) - vBulletin Community Forum
*thehackernews.com/2013/09/major-vbulletin-based-websites-are.html


Update: Avatars set after the end of August may need to be set again, apologies

 

[Hrishi]

^^ I thought , the install directories were deleted right after Forum installation for security purpose. !!

 

[Raaabo]

They usually are, but put back to upgrade, and sometimes forgotten about. vBulletin usually only asks you to only delete or rename /install/install.php as this allows you to continue to upgrade with scripts. About a month ago they gave us early warning about this exploit, and we immediately deleted the install folder, but when we replaced files with a backup, we forgot to delete the install folder again, and thus a well known exploit that every script kiddie out there was already aware of was made available to everyone.

Just sheer carelessness on my part, my apologies!

 

[snap]

yesterday saw a new admin not listed in the site leaders page was it you guys or the hacker gained admin rights?

 

[Hrishi]

They usually are, but put back to upgrade, and sometimes forgotten about. vBulletin usually only asks you to only delete or rename /install/install.php as this allows you to continue to upgrade with scripts. About a month ago they gave us early warning about this exploit, and we immediately deleted the install folder, but when we replaced files with a backup, we forgot to delete the install folder again, and thus a well known exploit that every script kiddie out there was already aware of was made available to everyone.

Just sheer carelessness on my part, my apologies!

Well that clearly is a sign of how many script kiddies are hugging around the TDF site , trying to find an exploit every now and then.
But it's good that we haven't lost anything , except the Avatar.

 

[amjath]

They usually are, but put back to upgrade, and sometimes forgotten about. vBulletin usually only asks you to only delete or rename /install/install.php as this allows you to continue to upgrade with scripts. About a month ago they gave us early warning about this exploit, and we immediately deleted the install folder, but when we replaced files with a backup, we forgot to delete the install folder again, and thus a well known exploit that every script kiddie out there was already aware of was made available to everyone.

Just sheer carelessness on my part, my apologies!

That's okay mistakes happens, u donbt have to ask apologies in every post

yesterday saw a new admin not listed in the site leaders page was it you guys or the hacker gained admin rights?

Who the one starts with name "Chain"

 

[Flash]

yesterday saw a new admin not listed in the site leaders page was it you guys or the hacker gained admin rights?

Chainsaw.

 

[Hrishi]

Chainsaw.

lol , I don't think so.

 

[snap]

nope i don't remember the name but i think it starts with 'm'

 

[Hrishi]

That's okay mistakes happens, u donbt have to ask apologies in every post



Who the one starts with name "Chain"

I think he was in Orange Dress code , since 2011.

Chainsaw.

He'll Ban you now . ahahah

 

[Flash]

lol , I don't think so.

No. we did.

 

[Raaabo]

Chainsaw is Soham Raninga, Editor of thinkdigit.com

Yeah the various ones with m------ were the hacker accounts which are cleaned out now

 

[Raaabo]

ok IT team finished upgrading to 4.2.1

Please report bugs / missing stuff if any here

 

[amjath]

Icon in browser tab showing vbulletin's icon