MyBroadband admin security issue, code injection in footer

[Compton_effect]

And how many new accounts have suddenly been created with suspicious first posts?

 

[DTBA]

I guess RPM made his password BigBoy

And yea

 

[Yuu]

Phewww, glad you guys are so knowledgeable about how to fix these things.

I thought i said or did something very bad (no, to my knowledge haven't) and uncle RPM disabled my posting .

I would send an email to ALL members to change their passwords irrespective of whether they were able to gain access to the database. I know that even if it was a smaller thing that happened, still take precautions.

Thanks HavocXphere - you rock bro

 

[DrJohnZoidberg]

Phewww, glad you guys are so knowledgeable about how to fix these things.

I thought i said or did something very bad (no, to my knowledge haven't) and uncle RPM disabled my posting .

I would send an email to ALL members to change their passwords irrespective of whether they were able to gain access to the database. I know that even if it was a smaller thing that happened, still take precautions.

Thanks HavocXphere - you rock bro

First thing I did when I heard.

 

[Fulcrum29]

Brings back memories related to that thread which contained this: http://www.bugmenot.com/view/mybroadband.co.za

 

[Necuno]

I guess RPM made his password BigBoy*

And yea

or god, sex ? :twisted:

 

[Kornhub]

Phewww, glad you guys are so knowledgeable about how to fix these things.

I thought i said or did something very bad (no, to my knowledge haven't) and uncle RPM disabled my posting .

I would send an email to ALL members to change their passwords irrespective of whether they were able to gain access to the database. I know that even if it was a smaller thing that happened, still take precautions.

Thanks HavocXphere - you rock bro

I thought I was banned or something

 

[I.am.Sam]

is this the end of mybb ?

are they going to take over our lives ?

are there going to be cloned accounts like facebook ?

 

[DJ...]

Well tapatalk said I had the incorrect username or password two days ago even though nothing had changed. I put in my usual mybb details and it logged me in again.

I thought that was rather odd...

 

[DrJohnZoidberg]

I was just worried about the database of PMs. Tons of private information going around there, like ISP account details.

 

[Yuu]

I thought I was banned or something

You better message me when there is competitions again or else..... :O

I was just worried about the database of PMs. Tons of private information going around there, like ISP account details.

So true, am sure his thought about sending everyone an email but we are here to push him to do it sooner rather than later .

One good thing is this will let RPM and the techs to strengthen the security . Isn't this why there is a love/hate war with hackers ;-)

 

[Dark Agent]

All I found lately is that when you want to "edit" or "reply with quote" the display ( Chrome) would be very slow not updating the page as if it doing something else with cursor flashing yet if I open the edit or quote links in new page it would work most of the times immediately and I could post the reply or edited changes still before the other original page updated. I then rather closed that page as it seems lost but sometimes if left open after quite a while it would recover. Sometimes I will get a chrome window saying the server is not available when posting. Maybe not related but maybe gives you a clue what happening on our sides.

Also experiencing the same issue as @Seriously you cannot "Reply with Quote". This problem occurred about 3 - 5 days ago if not mistaken or even last week sometime on firefox. Also noticed that sometimes my browser keeps on freezing being on this website (not sure if it is the flash content).

Should we also monitor our email for anything suspicious.

So it was not only me having this issue
I pm rpm yesterday with that issues.

Well tapatalk said I had the incorrect username or password two days ago even though nothing had changed. I put in my usual mybb details and it logged me in again.

I thought that was rather odd...

I was randomly logout, despite the keep signin was ticked.

 

[|tera|]

I was also logged out of all my devices today, phone, pc's etc.

Was it a system wide security thing initiated by rpm or what gives?

 

[rpm]

I was also logged out of all my devices today, phone, pc's etc. Was it a system wide security thing initiated by rpm or what gives?

Nothing from our side. We did most of the work on Thursday and Friday.

 

[|tera|]

Trying to quote you, but it won't rpm.

I just logged onto my pc at home, it's fine and logged in. I forgot that I don't "remember me" my pc at work, so it's a false alarm. I also remember that I had my Opera Mini open the whole night on my Blackberry, so it might have cleared the cookie for some odd reason, since I always close it and never leave it running.

Sorry for the false alarm.

 

[Lucas Buck]

I could not reply in any of the threads since yesterday because the reply box was missing. I changed my password and cleared all history in firefox which sorted out the problem.

 

[Scott]

When I arrive on the homepage I am logged out, when I click through to a thread and the page loads I am logged in.

 

[DJ...]

When I arrive on the homepage I am logged out, when I click through to a thread and the page loads I am logged in.

There's no login required nor login indication on the main news page. Only the forums to the best of my knowledge...

 

[Rocket-Boy]

Sounds like a similar situation to the one that occurred recently with the ubuntu forums.
They sent a bunch of pm's to other admins though and got further access like that, they also got hold of the db in that instance.

 

[marine1]

Question: so there was an attack. Do you have an ip address of the attacker?
Can we then proceed to trace the attacker?