Ubuntu Forums Hacked, 1.8 Million Passwords, E-Mails & Usernames Stolen

[harrybarracuda]

Ubuntu Forums Hacked, 1.8 Million Passwords, E-Mails & Usernames Stolen
BY JOEY-ELIJAH SNEDDON UNDER NEWS 7 HOURS AGO

The Ubuntu Forums have been hacked, with attackers grabbing data from more than 1.8 million users accounts.

‘Ubuntu One and Launchpad are not affected by the breach’
‘Every user’s local username, password, and email address [were stolen] from the Ubuntu Forums database’ Canonical say in a statement posted on the website, adding that while the ‘passwords (stolen) are not stored in plain text’ those who use the same password on other services should ‘change the password on the other service[s] ASAP.’

While data from the Forums has been compromised they stress that other services, such as Ubuntu One and Launchpad, ‘are not affected by the breach’.

Timeline

Reports of the forums being ‘defaced’ surfaced on late Saturday (July 20th). The main page was redirected to that of an image touting a twitter account – @Spuntn1k_ – and text that read: “You dun goofed, it’s as simple as that”.

Early Twitter accounts of the hack say that an unspecified music track was also played when accessing the homepage.

ubuntu forums hack

The Ubuntu Forum homepage was replaced with this image



So how did this happen? That’s the question Canonical will be trying to find out as soon as possible.

‘The forum was running an outdated version of vBulletin [without] admin panel protection’

Security blog Sucuri suggest that the hack may have been achieved due to lax protection on the backend. According to an un-named source they’ve been told that the forum was running an outdated version of vBulletin that ‘didn’t have the admin panel protected’.

Canonical has since redressed the breach, replacing the image with an announcement on what happened so far.

[Gerbil]

How awful. Must have affected all dozen or so of their users.

[harrybarracuda]

1.8 Million Passwords, E-Mails & Usernames Stolen

Arithmetic not one of your strong points then.

[Gerbil]

^ They were probably all multinics and Nigerian spammers

[harrybarracuda]

^ They were probably all multinics and Nigerian spammers

Nah, they're probably all nerds who spend all their time saying how insecure Windows is, etc.

[slackula]

Nah, they're probably all nerds who spend all their time saying how insecure Windows is, etc.

Reading is not one of your strong points then.

‘The forum was running an outdated version of vBulletin [without] admin panel protection’

[Boon Mee]

Never heard of 'em...

[harrybarracuda]

Nah, they're probably all nerds who spend all their time saying how insecure Windows is, etc.

Reading is not one of your strong points then.

‘The forum was running an outdated version of vBulletin [without] admin panel protection’

Really, and when was that part of Windows then?

Written in PHP
Operating system Cross-platform
Platform PHP / MySQL

[slackula]

Really, and when was that part of Windows then?

Sigh.



<thatsthejoke.jpg>

[harrybarracuda]

Perhaps you can explain it.

[slackula]

Perhaps you can explain it.

Really? OK then.

Your posts, especially the first and third, seemed to infer that the attack was possible because of a vulnerability in the OS when your article states that the attack was via a badly configured vBull installation.

You ribbed Gerbil for his arithmetic after he made a light-hearted comment and then I ribbed you after you made one. That is all, nothing was really meant by it. Sorry if it came across badly.

[harrybarracuda]

Your posts, especially the first and third, seemed to infer that the attack was possible because of a vulnerability in the OS

Really? Where was that then?

And my posts wouldn't "infer" anything, they'd "imply". I suggest you "inferred" a little too much.

[slackula]

And my posts wouldn't "infer" anything, they'd "imply"

Heh, I wrote 'imply' and then changed it to 'infer'. I always screw those two up.

[poorfalang]

‘The forum was running an outdated version of vBulletin [without] admin panel protection’

Isn't that the same as teakdoors?