#282943 01/06/2005 4:54 PM
Joined: Dec 1999
Posts: 158
Enthusiast
it says

[]Hello there, your system got hacked. Fix your system instantly, before you're putting your website back.

Some useful urls for you:

www.net-security.org
secunia.com
www.zone-h.org
www.securityfocus.com

Cheers, effdee[/]

weird. lotsa 404's, seems a little bit destructive for "hackers".
not good, I need a place to rant about bugs ...

Joined: Dec 1999
Posts: 158
Enthusiast
damn, they're quick!
Everything up and running again!

Joined: Jan 2000
Posts: 5,073
Admin Emeritus
Yes, we noticed shortly after the defacement. It was an automated thing. They just moved the site into another directory.

We're working on locating the actual method that he used. Rather, we know what he did, we're just not entirely sure how he was able to do it.

This does not appear to be a security issue with any of our products.


UBB.classic: Love it or hate it, it was mine.
Joined: Nov 2001
Posts: 10,369
I type Like navaho
I think a lot of issues have been related to the phpBB and PHP thing. I've had some sites hacked (on Vertex Servers) - usually some message in Russian or something. Hopefully now that school is back in session the script kiddies will have homework to do instead.

Joined: Nov 2001
Posts: 10,369
I type Like navaho
Bah - shortly after hearing from navaho about this, we got hacked too. Same thing, kind of harmless, they moved this whole site into a directory and made a new index page.

Joined: Jun 2001
Posts: 356
Junior Member
Is this anything to worry about for the rest of us?

Joined: Nov 2001
Posts: 10,369
I type Like navaho
No - I think somehow our FTP password here was compromised, they had specifically logged into the web hosting control panel.

Joined: Jun 2001
Posts: 356
Junior Member
hmmmm, interesting.
If anyone finds out how it got compromised, could you let us know?
Would be interesting to know if it was a dictionary/bruteforce attack or something more cunning....

Joined: Nov 2001
Posts: 10,369
I type Like navaho
Yeah, still investigating. Navaho is a sharp cookie and helped solve it.

Joined: Oct 2000
Posts: 2,223
Veteran
The "hacker" used a flaw in a piece of software (not .threads or anything else Infopop produces) running on a customer's site that had a vulnerability posted earlier in the week. The customer had not yet updated and the "hacker" was allowed to upload a file he should not have been able to upload. As it happened the FTP password matched the MySQL password and all that he needed to do was read config.inc. Same for this site.

The vulnerability is one that existed but was fixed in threads long long ago. It didn't check file extensions properly and a .jpg.php file got by its checks. The software in question, while good I'm sure, is nowhere as mature as .threads. As it gains in popularity it'll be subjected to the same things threads has been subjected to and I'm sure the author will do a fine job keeping it as secured as can be.

Moral of the story here - keep your software up to date and keep your passwords all different and difficult, whenever possible.


Picture perfect penmanship here.
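
The extension check described in the post above, as an added example that is not part of the thread and not code from the affected software or from UBB.threads. The thread does not show the flawed check, so `weak_is_allowed` is an assumed reconstruction; all function names and sample file names are hypothetical.

```php
<?php
// Weak check (assumed form of the bug): accepts any name that merely
// contains an allowed image extension, so "avatar.jpg.php" passes.
function weak_is_allowed(string $name): bool
{
    return preg_match('/\.(jpe?g|gif|png)/i', $name) === 1;
}

// Stricter check: the name must have exactly one extension, taken from
// the end of the name and compared against an allow-list.
function strict_is_allowed(string $name): bool
{
    $base = basename($name);
    // Only "<safe-chars>.<ext>" with a single dot is accepted.
    if (preg_match('/^[A-Za-z0-9_-]+\.([A-Za-z0-9]+)$/', $base, $m) !== 1) {
        return false;
    }
    return in_array(strtolower($m[1]), ['jpg', 'jpeg', 'gif', 'png'], true);
}

// Store the upload under a server-generated name so the client-supplied
// name never reaches the filesystem, and only if the bytes are an image.
function store_upload(string $tmpPath, string $clientName, string $destDir): ?string
{
    if (!strict_is_allowed($clientName)) {
        return null;
    }
    $info = @getimagesize($tmpPath);   // false when the bytes are not an image
    $extByType = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_GIF => 'gif', IMAGETYPE_PNG => 'png'];
    if ($info === false || !isset($extByType[$info[2]])) {
        return null;
    }
    $target = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(16))
            . '.' . $extByType[$info[2]];
    return move_uploaded_file($tmpPath, $target) ? $target : null;
}

// Constructed sample names: compare the two checks side by side.
foreach (['photo.jpg', 'avatar.jpg.php', 'notes.php', 'pic.PNG'] as $n) {
    printf("%-16s weak=%s strict=%s\n", $n,
        weak_is_allowed($n) ? 'accept' : 'reject',
        strict_is_allowed($n) ? 'accept' : 'reject');
}
```

Keeping the upload directory outside the web root, or configuring the web server not to execute scripts from it, limits the damage if a check like this is ever bypassed again.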
Joined: Jun 2001
Posts: 356
Junior Member
Thanks for the heads-up!
I think I know what software we are talking about here....lol

The UBB.Developers Network (UBB.Dev/Threads.Dev) is ©2000-2025 VNC Web Services