Webmaster Forum

Go Back   Webmaster Forum > Web Development > Forum Management

Forum Management Discuss forum management topics including forum software, mods & plugins, developing high quality interactive communities, advertising revenue, forum security, dealing with spam, and more. Ideal for forum owners, administrators, and moderators.


Reply
 
Thread Tools Display Modes
Share |
  #1  
Old 07-25-2013, 07:51 AM
Snooks's Avatar
Snooks Snooks is offline
v7n Mentor
 
Join Date: 03-06-10
Location: Australia
Posts: 3,125
iTrader: 2 / 100%
SMF - Software Company Hacked.

I was very concerned today to read that the makers of SMF Forum software were hacked and a lot of vital information, including passwords were stolen.

If you have ever used SMF software, perhaps you should read this article and follow the advice.

Quote:
On the 22nd of July 2013, it was discovered that unauthorized access to our website and database has been obtained on the 20th of July.
The method is similar to the hacks that were recently conducted at other websites, even though those sites used other software.
One of the admins account password was discovered, and from there further escalation wasn't too difficult considering admin privileges can do just about anything.

Unfortunately, we are 100% sure that our user database has been stolen.
As such we HIGHLY RECOMMEND, even implore you, to:
You can read more at.........

http://www.simplemachines.org/commun...topic=508232.0
 
Reply With Quote

Advertisement

Advertisement

  #2  
Old 07-25-2013, 10:02 PM
snakeair snakeair is offline
Super Moderator - Rest in Peace 2018
 
Join Date: 12-31-07
Location: Medford, NJ
Posts: 54,771
iTrader: 3 / 100%
Wow, I didn't think they would get hacked as they should of coded security measures on there site.

There customers information is very important and having access to that can mess up a lot of peoples lives and forums they depend on.

Thanks for the link Snooks.
 
Reply With Quote
  #3  
Old 08-14-2013, 10:02 PM
simplyamazing12 simplyamazing12 is offline
Contributing Member
 
Join Date: 06-14-10
Posts: 897
iTrader: 0 / 0%
Security breaches aren't that uncommon in forum software.

VBulletin had a nasty exploit a few years back that allowed the hacker to make themselves the admin. PHPBB also had a similar issue too.
 
Reply With Quote
  #4  
Old 08-15-2013, 06:05 AM
megamoose's Avatar
megamoose megamoose is offline
v7n Mentor
 
Join Date: 06-04-06
Location: Guildford
Posts: 557
iTrader: 2 / 100%
At least from looking at the post, it seems it was an admin that slipped up. Maybe got phished or used the same password on another site that got hacked.

Doesn't look like it was an actual vulnerability in the software, which is good.
 
Reply With Quote
  #5  
Old 08-30-2013, 06:14 AM
dWhite dWhite is offline
Contributing Member
 
Join Date: 09-28-08
Posts: 4,338
iTrader: 5 / 100%
Quote:
Originally Posted by snakeair View Post
Wow, I didn't think they would get hacked as they should of coded security measures on there site.
Doesn't matter how good your security measures are, there is always at least one person out there that can break it.

Quote:
Originally Posted by simplyamazing12 View Post
PHPBB also had a similar issue too.
phpBB has a long track record of security issues, which is why I would never use or recommend it to anyone.

Quote:
Originally Posted by megamoose View Post
Doesn't look like it was an actual vulnerability in the software, which is good.
Mhmm. In the past few years, I've only seen half a handful of security problems in SMF software itself, which was quickly fixed upon discovery.
 
Reply With Quote
  #6  
Old 09-16-2013, 07:54 AM
komodovpn's Avatar
komodovpn komodovpn is offline
Junior Member
 
Join Date: 08-11-13
Posts: 27
iTrader: 0 / 0%
Security breaches happen to even the biggest conglomerates out there. It's really just a matter of how quickly/well they're able to deal with it.
 
Reply With Quote
  #7  
Old 09-17-2013, 10:43 AM
JamesLeeOnline's Avatar
JamesLeeOnline JamesLeeOnline is offline
Contributing Member
 
Join Date: 08-29-13
Location: Singapore
Posts: 165
iTrader: 0 / 0%
Quote:
Originally Posted by Snooks View Post
I was very concerned today to read that the makers of SMF Forum software were hacked and a lot of vital information, including passwords were stolen.

If you have ever used SMF software, perhaps you should read this article and follow the advice.



You can read more at.........

http://www.simplemachines.org/commun...topic=508232.0
more than security breach, it is caused because of bad security practice by one of the admins.
 
Reply With Quote
  #8  
Old 09-19-2013, 01:22 PM
Douglas's Avatar
Douglas Douglas is offline
Contributing Member
 
Join Date: 08-21-13
Location: Atlanta, GA
Posts: 61
iTrader: 0 / 0%
Quote:
Originally Posted by megamoose View Post
At least from looking at the post, it seems it was an admin that slipped up. Maybe got phished or used the same password on another site that got hacked.

Doesn't look like it was an actual vulnerability in the software, which is good.
I'm glad to see this posted. I have a long time tie-in with SMF (Douglas on those forums, btw), and was coming to post that they've confirmed that it's not a security issue within the SMF forum software itself.

A pretty danged good thing, because of how many sites I tech Admin or operate that utilize SMF, including a forum that JUST hit 7 million posts about 20 minutes ago and two other 1,000,000+ post forums.
 
Reply With Quote
Go Back   Webmaster Forum > Web Development > Forum Management

Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


V7N Network
Get exposure! V7N I Love Photography V7N SEO Blog V7N Directory


All times are GMT -7. The time now is 07:17 AM.
Powered by vBulletin
Copyright 2000-2014 Jelsoft Enterprises Limited.
Copyright © 2003 - 2018 VIX-WomensForum LLC