The Hacker News Logo
Subscribe to Newsletter

Major VBulletin based websites are vulnerable to Hackers; Pakistani forums defaced by Indian Hackers

vBulletin is a publishing suite that allows users to create and publish a variety of content, including: forums, blogs, and polls.

If you currently use an older version of vBulletin on your website, you might be opening up your site to an attack as some serious security vulnerabilities, which allows hackers to access your hosting admin panel.
Two Indian Hackers, going by virtual name Ne0-h4ck3r & Google-warri0r has developed an exploit of known vBulletin vulnerability, that can be used to add a user remotely to vBulletin customer panel with admin privileges.
According to Hackers, vBulletin versions 4.x.x.x are affected to their exploit. It isn’t quite clear the extent of the exploit, however, hundreds of major websites on vBulletin have been reported to be affected.

Here’s a list of some domains that have been used so far in this attack:
  • http://usasexguide.info/
  • http://www.desironak.com/
  • http://www.pakistanipoint.com
  • http://www.cssexam.com/forum.php
  • http://www.bankers.pk/ 
  • http://voiceofkarachi.com/
  • http://www.pakguns.com/
Hackers targeting Pakistani forums, as well as some USA based forums also i.e. Below you can see the database from usasexguide.info forum having thousands of registered users, was hacked by team recently.

vBulletin users are advised to upgrade to the latest version to fix the issue.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.