MyBB-Plugins Forums

Full Version: GitHub Account Compromised
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
Hi everyone,

Please read the official announcement: http://blog.mybb.com/2014/11/15/github-a...mpromised/
This forum was compromised?
Nope Smile
Okay, thanks for the info. ^^

But why all the forums are committed? Not all limited to GitHub? I don't understand this part.
The problem was that anyone that accessed their ACP and if a version check was done, it would execute JS code that would download a DB backup and send it to a remote website.
I don't understand anything lol.

What happend and what is wrong?
I have forum with 2 members so it's not important but I just wanna know...

How it's possible that all forums is commited because of one "hack" lol?

EDIT: Oh I understand now, thanks Pirata... My forum is affected than, I will just change pass...
(11-16-2014, 06:41 AM)Pirata Nervo Wrote: [ -> ]The problem was that anyone that accessed their ACP and if a version check was done, it would execute JS code that would download a DB backup and send it to a remote website.

Thank you, I understand now. ^^
I actually did 2 manual backups during this time, but both are showng my IP Address.
The times recorded are correct and I cant see anything untowards.
Does the attack record anything in the Admin logs or does it use an existing backup if it found one.
@Zyon please reset the update_check cache as well! On 1.8 it might have cached the data and it would run new backups the next time i gets executed. If you see again a new backup in your admin logs, please follow the same procedure as before to make sure they don't know your new password.
@Wozzer the IP would show as yourself in fact. If you're running 1.8, please check update_check cache just like mentioned in the updated blog post.

Please everyone re-read the blog post. In case you want to know more about the issue: http://community.mybb.com/thread-162942-...18562.html
Thanks - all  checked.
Although I dont seem to be affected, it has 'pushed' me into reviewing my site security Smile
Pages: 1 2