Was TDF site being Hacked???

Status
Not open for further replies.
OP
kg11sgbg

Indian Railways - The Vibrant and Moving INDIA
I think the Forum was hacked due to some VB exploits probably. The Website was fine.
Yes, Rishi, you are right.
My bad, the forum page might have been hacked or @#$%^&!!!???, but the thinkdigit website was safe....

Requesting System Admins. and Moderators to be vigilant about our beloved and sensible Forum; for all of us the TDF members, such that we do not face any such problems.
 

Vyom

The Power of x480
Staff member
Admin
Yes. The site was hacked.

Yes, it was hacked. Server files had to be reverted to a backup for a site issue, but unfortunately we went back to a backup that had the install directory as well. Hackers used a known flaw in VB to gain access to the admincp and set up a simple meta refresh for the default skin, which is why logged-in members didn't see the redirect. Just another traffic-stealing hack, by a script kiddie using a known flaw because of a little carelessness on our part. Apologies.

Don't worry about your passwords or personal data being hacked, because logs show they didn't access anything but the templates to get the redirect. Besides, all data is stored encrypted in vBulletin, so even I cannot read your passwords, though I can change them to something else. Theoretically, I could try and brute-force your password using the encrypted hash that's stored in the database, but it would take about 10 years computing time per user, so certainly not worth the effort :)

vBulletin is secure and no worries. However, it does leave us with an egg in the face for overlooking something as simple as the install folder :(

For those interested in the vulnerability:
Potential vBulletin Exploit (vBulletin 4.1+, vBulletin 5+) - vBulletin Community Forum
*thehackernews.com/2013/09/major-vbulletin-based-websites-are.html


Update: Avatars set after the end of August may need to be set again, apologies :(
 
OP
kg11sgbg

Indian Railways - The Vibrant and Moving INDIA
Thanks @Raaabo, and to System Admins. + Mods.

At least feeling safe and sound as according to the comments in @Vyom's section.
 