Gotyc Posted July 21, 2013 Report Posted July 21, 2013 The Ubuntu Forums have been hacked, with attackers grabbing data from more than 1.8 million users accounts.‘Ubuntu One and Launchpad are not affected by the breach’ ‘Every user’s local username, password, and email address [were stolen] from the Ubuntu Forums database’ Canonical say in a statement posted on the website, adding that while the ‘passwords (stolen) are not stored in plain text’ those who use the same password on other services should ‘change the password on the other service ASAP.’While data from the Forums has been compromised they stress that other services, such as Ubuntu One and Launchpad, ‘are not affected by the breach’.TimelineReports of the forums being ‘defaced’ surfaced on late Saturday (July 20th). The main page was redirected to that of an image touting a twitter account – @Spuntn1k_ – and text that read: “You dun goofed, it’s as simple as that”.Early Twitter accounts of the hack say that an unspecified music track was also played when accessing the homepage.ubuntu forums hackThe Ubuntu Forum homepage was replaced with this imageSo how did this happen? That’s the question Canonical will be trying to find out as soon as possible.‘The forum was running an outdated version of vBulletin [without] admin panel protection’Security blog Sucuri suggest that the hack may have been achieved due to lax protection on the backend. According to an un-named source they’ve been told that the forum was running an outdated version of vBulletin that ‘didn’t have the admin panel protected’.Canonical has since redressed the breach, replacing the image with an announcement on what happened so far.Sursa bitdefender.. Quote
Matt Posted July 21, 2013 Report Posted July 21, 2013 Cred ca ma gasesc si eu prin parolele si username-urile alea. Quote
Gotyc Posted July 21, 2013 Author Report Posted July 21, 2013 Parca ii vad pe anonymous cu un video ca ei o facut si multe altele:)) niste prafi Quote
lutulik Posted July 21, 2013 Report Posted July 21, 2013 (edited) omgubuntu.com Edited July 21, 2013 by lutulik Quote
Domnul.Do Posted July 21, 2013 Report Posted July 21, 2013 Mai inainte am trimis cateva XSS-uri si sunt curios cum pun problema in acesta situatieUpdate:Multumesc lutulik , daca nu prezinta interes trimit la adresa respectiva un "Tip" Quote
