Jump to content

OMG IPB 3 Got Hacked!


Kfir

Recommended Posts

Invision Tweaks, a known IPB support site has been hacked.
Look here: http://www.invisiontweaks.com/forums/index.php?/forum-7/announcement-2-hacked-by-team-evil-arab-hackers/
All posts are deleted.
I was shocked when I saw this.

Link to comment
Share on other sites

[quote name='BGarcia' date='31 August 2009 - 04:14 PM' timestamp='1251731648' post='1850887']
Doesn't seem like it was hacked more like an account was compromised.

Maybe. But I guess a Staff can't mass delete all posts. Am I right?

Link to comment
Share on other sites

[quote name='Kfir' date='31 August 2009 - 04:21 PM' timestamp='1251732112' post='1850892']
Maybe. But I guess a Staff can't mass delete all posts. Am I right?

Global mods can mass prune forum(s) if that's what you meant :unsure:


Bad too see though :( , but could of been anything (weak password / compromised email account etc etc) , I think if it was a "hack" then more than just that one account would of been compromised...

Link to comment
Share on other sites

[quote name='ΑndyF' date='31 August 2009 - 04:27 PM' timestamp='1251732447' post='1850895']
Global mods can mass prune forum(s) if that's what you meant :unsure:


Bad too see though :( , but could of been anything (weak password / compromised email account etc etc) , I think if it was a "hack" then more than just that one account would of been compromised...


That is a stupid thing to do. Staff shouldn't have the ability to delete content from the board.

Link to comment
Share on other sites

[quote name='Kfir' date='31 August 2009 - 05:03 PM' timestamp='1251734637' post='1850908']
That is a stupid thing to do. Staff shouldn't have the ability to delete content from the board.

It's always been like that as far as I can remember. Although I do agree personally I do not think anyone without ACP access should have access to the forum side prune tools. :)

Link to comment
Share on other sites

Please don't jump to conclusions that IPB itself was hacked. :) There are dozens of possibilities. If the owner believes it was IPB itself that was compromised, they are certainly free to submit a ticket and we will assist them to the best of our ability in tracking down how the hacker got in and what damage was done exactly.

Link to comment
Share on other sites

[quote name='ΑndyF' date='31 August 2009 - 01:13 PM' timestamp='1251738825' post='1850938']
It's always been like that as far as I can remember. Although I do agree personally I do not think anyone without ACP access should have access to the forum side prune tools. :)

But surely the same criteria applies? You wouldn't give access to your ACP to someone you don't trust. You, therefore, wouldn't make someone a member of staff if you didn't trust them.

Link to comment
Share on other sites

[quote name='bfarber' date='31 August 2009 - 07:11 PM' timestamp='1251742299' post='1850972']
Please don't jump to conclusions that IPB itself was hacked. :) There are dozens of possibilities. If the owner believes it was IPB itself that was compromised, they are certainly free to submit a ticket and we will assist them to the best of our ability in tracking down how the hacker got in and what damage was done exactly.

Link to comment
Share on other sites

Yes, certainly vulnerabilities will be found, it's inevitable. But let's not start a mass-panic because a single site was hacked. Could have been a modification they had installed, a bad password, insecure server so someone else on the same host had access to their files - who knows at this stage.

Link to comment
Share on other sites

[quote name='ΑndyF' date='31 August 2009 - 01:13 PM' timestamp='1251738825' post='1850938']
It's always been like that as far as I can remember. Although I do agree personally I do not think anyone without ACP access should have access to the forum side prune tools. :)

Is there a way to prevent them from having access to such tools?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...