Hello There, Guest! › Register

MySubscriptions 2.2 released.
Looking for a custom plugin for your site? Ask here for a quote.

GitHub Account Compromised
#1

Hi everyone,

Please read the official announcement: http://blog.mybb.com/2014/11/15/github-a...mpromised/
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Reply
#2

This forum was compromised?
Reply
#3

Nope Smile
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Reply
#4

Okay, thanks for the info. ^^

But why all the forums are committed? Not all limited to GitHub? I don't understand this part.
Reply
#5

The problem was that anyone that accessed their ACP and if a version check was done, it would execute JS code that would download a DB backup and send it to a remote website.
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Reply
#6

I don't understand anything lol.

What happend and what is wrong?
I have forum with 2 members so it's not important but I just wanna know...

How it's possible that all forums is commited because of one "hack" lol?

EDIT: Oh I understand now, thanks Pirata... My forum is affected than, I will just change pass...
MyBB-Plugins Croatian translator

Translations for 1.8 will be made after translating MyBB 1.8, and it can take awhile
Reply
#7

(11-16-2014, 06:41 AM)Pirata Nervo Wrote: The problem was that anyone that accessed their ACP and if a version check was done, it would execute JS code that would download a DB backup and send it to a remote website.

Thank you, I understand now. ^^
Reply
#8

I actually did 2 manual backups during this time, but both are showng my IP Address.
The times recorded are correct and I cant see anything untowards.
Does the attack record anything in the Admin logs or does it use an existing backup if it found one.
Reply
#9

@Zyon please reset the update_check cache as well! On 1.8 it might have cached the data and it would run new backups the next time i gets executed. If you see again a new backup in your admin logs, please follow the same procedure as before to make sure they don't know your new password.
@Wozzer the IP would show as yourself in fact. If you're running 1.8, please check update_check cache just like mentioned in the updated blog post.

Please everyone re-read the blog post. In case you want to know more about the issue: http://community.mybb.com/thread-162942-...18562.html
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Reply
#10

Thanks - all  checked.
Although I dont seem to be affected, it has 'pushed' me into reviewing my site security Smile
Reply




Users browsing this thread: 1 Guest(s)