Looking for custom plugin?
The website is for sale. Check here for more information.
MyBB-Plugins Forums  /  MyBB-Plugins  /  MyBB-Plugins News v  / 

GitHub Account Compromised
This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Thread Modes
GitHub Account Compromised
Diogo Parrinha Offline
Administrator
*******
Posts: 23,139
Threads: 232
Joined: Oct 2009
Reputation: 305
#1
11-16-2014, 03:00 AM
Hi everyone,

Please read the official announcement: http://blog.mybb.com/2014/11/15/github-a...mpromised/
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Find
Reply
Joseahfer Offline
MyBB Noob
*
Posts: 48
Threads: 18
Joined: Jun 2013
Reputation: 10
#2
11-16-2014, 05:33 AM
This forum was compromised?
Find
Reply
Diogo Parrinha Offline
Administrator
*******
Posts: 23,139
Threads: 232
Joined: Oct 2009
Reputation: 305
#3
11-16-2014, 05:40 AM
Nope Smile
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Find
Reply
Joseahfer Offline
MyBB Noob
*
Posts: 48
Threads: 18
Joined: Jun 2013
Reputation: 10
#4
11-16-2014, 05:51 AM
Okay, thanks for the info. ^^

But why all the forums are committed? Not all limited to GitHub? I don't understand this part.
Find
Reply
Diogo Parrinha Offline
Administrator
*******
Posts: 23,139
Threads: 232
Joined: Oct 2009
Reputation: 305
#5
11-16-2014, 06:41 AM
The problem was that anyone that accessed their ACP and if a version check was done, it would execute JS code that would download a DB backup and send it to a remote website.
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Find
Reply
Ikerepc Offline
MyBB-Plugins Helper
*
Posts: 28
Threads: 12
Joined: Jun 2014
Reputation: 0
#6
11-16-2014, 06:45 AM (This post was last modified: 11-16-2014, 06:48 AM by Ikerepc.)
I don't understand anything lol.

What happend and what is wrong?
I have forum with 2 members so it's not important but I just wanna know...

How it's possible that all forums is commited because of one "hack" lol?

EDIT: Oh I understand now, thanks Pirata... My forum is affected than, I will just change pass...
MyBB-Plugins Croatian translator

Translations for 1.8 will be made after translating MyBB 1.8, and it can take awhile
Find
Reply
Joseahfer Offline
MyBB Noob
*
Posts: 48
Threads: 18
Joined: Jun 2013
Reputation: 10
#7
11-16-2014, 07:07 AM
(11-16-2014, 06:41 AM)Pirata Nervo Wrote: The problem was that anyone that accessed their ACP and if a version check was done, it would execute JS code that would download a DB backup and send it to a remote website.

Thank you, I understand now. ^^
Find
Reply
Wozzer Offline
MyBB Noob
*
Posts: 57
Threads: 1
Joined: Nov 2014
Reputation: 0
#8
11-17-2014, 08:11 PM
I actually did 2 manual backups during this time, but both are showng my IP Address.
The times recorded are correct and I cant see anything untowards.
Does the attack record anything in the Admin logs or does it use an existing backup if it found one.
Find
Reply
Diogo Parrinha Offline
Administrator
*******
Posts: 23,139
Threads: 232
Joined: Oct 2009
Reputation: 305
#9
11-17-2014, 09:44 PM
@Zyon please reset the update_check cache as well! On 1.8 it might have cached the data and it would run new backups the next time i gets executed. If you see again a new backup in your admin logs, please follow the same procedure as before to make sure they don't know your new password.
@Wozzer the IP would show as yourself in fact. If you're running 1.8, please check update_check cache just like mentioned in the updated blog post.

Please everyone re-read the blog post. In case you want to know more about the issue: http://community.mybb.com/thread-162942-...18562.html
To download our paid plugins and receive support you must be a paid subscriber. Click here for more information.
Find
Reply
Wozzer Offline
MyBB Noob
*
Posts: 57
Threads: 1
Joined: Nov 2014
Reputation: 0
#10
11-17-2014, 10:34 PM
Thanks - all  checked.
Although I dont seem to be affected, it has 'pushed' me into reviewing my site security Smile
Find
Reply





Users browsing this thread: 1 Guest(s)

About MyBB-Plugins

Plug Yourself into the best MyBB AddOn.

Copyright © 2009-2021 MyBB-Plugins Forums.

Quick Links

Statistics

  • 51,000+ Posts
  • 19,000+ Members
  • 3,600+ Threads

Impressed? For sure
Check Full Stats here