|
GitHub Account Compromised
|
11-16-2014, 03:00 AM
Hi everyone,
Please read the official announcement: http://blog.mybb.com/2014/11/15/github-a...mpromised/
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
11-16-2014, 05:40 AM
Nope
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
11-16-2014, 05:51 AM
Okay, thanks for the info. ^^
But why all the forums are committed? Not all limited to GitHub? I don't understand this part.
11-16-2014, 06:41 AM
The problem was that anyone that accessed their ACP and if a version check was done, it would execute JS code that would download a DB backup and send it to a remote website.
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
I don't understand anything lol.
What happend and what is wrong? I have forum with 2 members so it's not important but I just wanna know... How it's possible that all forums is commited because of one "hack" lol? EDIT: Oh I understand now, thanks Pirata... My forum is affected than, I will just change pass...
MyBB-Plugins Croatian translator
Translations for 1.8 will be made after translating MyBB 1.8, and it can take awhile
11-16-2014, 07:07 AM
11-17-2014, 08:11 PM
I actually did 2 manual backups during this time, but both are showng my IP Address.
The times recorded are correct and I cant see anything untowards. Does the attack record anything in the Admin logs or does it use an existing backup if it found one.
11-17-2014, 09:44 PM
@Zyon please reset the update_check cache as well! On 1.8 it might have cached the data and it would run new backups the next time i gets executed. If you see again a new backup in your admin logs, please follow the same procedure as before to make sure they don't know your new password.
@Wozzer the IP would show as yourself in fact. If you're running 1.8, please check update_check cache just like mentioned in the updated blog post. Please everyone re-read the blog post. In case you want to know more about the issue: http://community.mybb.com/thread-162942-...18562.html
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
11-17-2014, 10:34 PM
Thanks - all checked.
Although I dont seem to be affected, it has 'pushed' me into reviewing my site security
|
|
« Next Oldest | Next Newest »
|
