Dark Web Sale of Millions of Accounts

vBulletin, a widely used forum software, has been compromised, potentially exposing millions of user accounts.

The breach was facilitated by a software vulnerability, specifically affecting versions 4.2.2 and 4.2.3.

The Forumrunner add-on was pinpointed as the weak link that allowed attackers to perform SQL Injection attacks.

The Vulnerability

The issue’s core lies in an SQL Injection vulnerability reported to the vBulletin team.

SQL Injection is an attack that allows attackers to execute malicious SQL commands in a web application’s database.

It can lead to unauthorized access to sensitive data, including user credentials, personal information, etc.

This particular vulnerability was found in the Forumrunner add-on of vBulletin 4, a component used to optimize forums for mobile devices.

Have I Been Pwned recently tweeted that the vBulletin forum suffered a data breach, compromising 2.6 million records.

Immediate Response

Upon discovery, the vBulletin team acted swiftly to mitigate the risk posed by this vulnerability.

Security patches for vBulletin versions 4.2.2 and 4.2.3 were released to address the issue. The patches are identified as:

• vBulletin 4.2.2 Patch Level 5
• vBulletin 4.2.3 Patch Level 1

 Users of the affected versions are urged to apply these patches immediately to secure their forums against potential attacks.

Furthermore, the release of vBulletin 4.2.4 Beta 2 includes the necessary fix, offering an additional upgrade path for users seeking to protect their platforms.

To secure their forums, vBulletin administrators should download the appropriate patch for their version and upload all files from the zip file to their server, ensuring to overwrite the existing files.

For those running versions of vBulletin 4 older than 4.2.2, a standard upgrade to the latest version is recommended, which would inherently include the security fixes.

Broader Implications

The breach has raised concerns over the security of forum software and the potential for sensitive user data to be compromised and sold on the dark web.

Millions of accounts could be at risk, underscoring the importance of timely updates and patches in safeguarding digital platforms.

This incident serves as a stark reminder of the ever-present threat of cyberattacks and the need for web administrators to be constantly vigilant.

The vBulletin team’s prompt response in releasing patches demonstrates a commitment to security and highlights the ongoing battle against cyber threats.

vBulletin users are strongly advised to take immediate action to update or patch their software to protect against this vulnerability.

The incident underscores the critical importance of cybersecurity measures in protecting user data and maintaining trust in digital platforms.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter