vBulletin Hack Exposes 820,000 Accounts from 126 Forums

Morethan 820,000 forum accounts have been leaked due to an attack which took advantage of a critical vulnerability in the older versions of the vBulletin, one of the most used Internet forum software.

A hacker named CrimeAgency has claimed on Twitter that he has hacked 126 forums running on vBulletin, stealing the personal data of the forum admins and also the registered users, before he leaked all this information in an underground hacking forum.

The breach notification platform Hacked-DB has verified the information and they managed to scan this data.

The Hack Read reported that the attack was conducted between January and February of 2017. The hacker has managed to get his dirty hands on 819,977 user accounts, which includes hashed passwords, email addresses, as well as the 1681 unique IP addresses. Most of the accounts are linked to Gmail – more than 219,000, followed by 121,000 Hotmail accounts and a 108,000 Yahoo accounts.

The hacker also seems to have used many security vulnerabilities reported to the vBulletin in a while back. These issues are fixed in a latest update of the software, but exploit still works on forums which have not bothered to update. Considering at least one of the issues dates back to last summer, this is sheer negligence or simple carelessness.

Checking which websites use vBulletin is quite easy, such as running Google Dorks, an exploit database.

This is not the first time vBulleting forums became victim to the hackers, and it certainly will not be the last one. While you may not really care whether your forum data has been stolen, you may care that your email account can be seen and maybe even hacked.

The complete list of forums that were affected by the hack can be found in a Pastebin and includes boards dedicated to games, torrent sites, artists, politics and adult movies, to name a few.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients