On Sunday, the vBulletin official website has been hacked by an attacker using the moniker “Coldzer0.” The website has been defaced and the vBulletin forum was displaying the message “Hacked by Coldzer0.”
At the time I was writing the website is down for maintenance and there are no details on the attack, according to DataBreaches.net, vBulletin, Foxit Software forums have been hacked by Coldzer0 that has stolen hundreds of thousands of users’ records.
The hacker published screenshots that show he managed to upload a shell to the vBulletin forum website and accessed user personal information, including user IDs, names, email addresses, security questions and answers, and password salts).
I suggest users to change their passwords as soon as possible, especially if they share the same credentials across other websites.
DataBreaches.net has linked the online moniker “Coldzer0” to the malware analyst and security researcher Mohamed Osama. The Egyptian expert Osama has promptly removed all references to the vBulletin attack from his social media accounts. Osama has also deleted his personal website, coldroot.com, after his name was in the headlines due to the attack to vBulletin.
The hacker claims to have exploited a zero-day vulnerability affecting the vBulletin forum to hack the popular application.
It is not the first time that hackers target vBulletin, in 2013 experts at Security firm Imperva discovered that more than 35000 websites based on vBulletin CMS were hacked exploiting a known vulnerability.
(Security Affairs – vBulletin forum, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.