Jump to content

Forum hacked


Key
 Share

Recommended Posts

Hello!

 

The popups issue reoccurred.

 

The forums have been hacked because of an exploit in an old plugin, but even if we removed the plugin the hack is still there, I think it has already compromised the server. It remains latent for a few days, after I reinstall all vBulletin files, and then the popups appear again.

 

So yeah, we gotta ask a professional company for help,

Please Register/ Sign In, in order to see the links.
which will cost us $299.99.

 

We don't really have other choice, as I talked to the vBulletin support and I followed all steps they mentioned - upgraded vBulletin, changed admin password for forums, server (SSH/SFTP, login to server), deleted old plugins (as you saw Tapatalk wasn't available for a few days, the Arcade was changed, the Thank you/Like system was changed), I restricted permissions on forum folders, but the hack still reoccurs every 3 days. It seems they already compromised the server and all that vBulletin staff says right now is to have a pro company check the server for malaware and remove them.

 

No sensitive data was lost (no passwords, usernames, profiles, messages, anything) and no virus was sent to our members. The only thing that was hacked is the server/forums, to create popups so the hacker earns each time the popup is shown to YO members.

 

We will pay to have this company check the server and remove all infection. I am really sorry for this situation. As long as they will work, I might need to close the forums. I will post updates either here, or on

Please Register/ Sign In, in order to see the links.
/
Please Register/ Sign In, in order to see the links.
.

 

 

EDIT: The issue was solved, I gave all details in

Please Register/ Sign In, in order to see the links.
.

Link to comment
Share on other sites

  • Replies 36
  • Created
  • Last Reply

Top Posters In This Topic

  • Key

    11

  • Lemur7

    5

  • fan_yaoi

    3

  • voide

    3

Top Posters In This Topic

Damm that is shitty. I will donate some extra next month. Thank you key for explanation and work on this. Must be tough to have to deal with these setbacks.

Link to comment
Share on other sites

Oh dear. This hacking business seems to be going around, it happened on another yaoi manga forum recently. I hope the security check works. All the best, dealing with this must be hard on you guys.

Link to comment
Share on other sites

Thank you so much for telling this. This must be hard on you guys. All the best & thank you for the hardwork! (Ah, I see what I can contribute) Thanks again.

Link to comment
Share on other sites

Good Grief ...not here also ...I guess we can be thankful that it is an exploit for just pop-ups rather than taking info or members files...if all else fails try using a fake index file ..and have the real one hidden under another name on the server...it's an old trick used on Apache servers from long ago,,when the net was a baby and no real security existed

Link to comment
Share on other sites

Please Register/ Sign In, in order to see the links.

Yeah, just that the issue is that not the index file is hacked, the forum is hacked on a deeper level, perhaps server level. We even replaced all the files totally and after 2-3 days, the popups are back. Various .js files randomly get altered and we suppose they let a backdoor somewhere on the server. We'll know more when the pro team will start working.

Link to comment
Share on other sites

oh man~! that sucks. i wish i could do something to help maintain this forum from those damn hacking. i'll try to make more monetary contribution to this forum. thanks for your hard work though,

Please Register/ Sign In, in order to see the links.
. really appreciate it ^_^ must be hard on you guys. hang in there alright! ᕙ( * •̀ ᗜ •́ * )ᕗ

Link to comment
Share on other sites

I haven't gotten the issue the time I wrote my comment. But today whenever I tried to click, popups showed up. Thank you for the heads up guys. And thank you for all the hardwork to make the forum get on track & better.

Link to comment
Share on other sites

UPDATE: The company started working, we just need patience until they scan everything on the server. I'll post all details and the findings once the operation is done.

 

NOTE: The popups will keep appearing until we manage to have everything cleaned.

Link to comment
Share on other sites

The forum is back but the works are still ongoing on the server. I've re-uploaded all vBulletin files again to temporary get rid of the popups until the works are finished. I'll update with all details once the work is done. This is surely taking more time than we expected... But yeah, fixing a hacker's damage is a hard task, so, we gotta be patient.

 

Note: Make sure to clear your browser's cookies. You can either use a free soft like CCleaner, or clean them manually from the browser. For those who don't know how to do it, please check

Please Register/ Sign In, in order to see the links.
.

Link to comment
Share on other sites

thanks Key ..I know how hard this is on you and your staff...

btw the "Coll" that posted on your FB page just happens to be me ..lol

hang in there soon this place will be back to normal...

Link to comment
Share on other sites

So that's why the forum is inaccessible recently. Good thing that my laptop is not infected by malwares.

 

Until the problem is fully fixed I have to activate my adblocker on this site to prevent these annoying popups from appearing.

 

Hope everything can be back to normal soon.

Link to comment
Share on other sites

Please Register/ Sign In, in order to see the links.

This hack CANNOT infect members computers and CANNOT steal any personal information. It only affects the site itself and currently the popups are inactive cause we re-uploaded all the site's files once again. Soon, once the entire server is cleaned, the popup issue shouldn't return at all.

Link to comment
Share on other sites

I noticed pop-ups about 6 or 7 hours ago, when clicking on the text-area of the chat.

But I think it's gone now...

Link to comment
Share on other sites

Oh this was the reason I stopped visiting the site while using Mobile since I can't get past the horde of pop-ups.

Link to comment
Share on other sites

It's been ages like months since i last came here. I'm sad this is the first thing I have to see ):

 

I hope everything get better soon. ^^

Link to comment
Share on other sites

just letting you know ...the pop-ups have returned ...had to try 3 times to post this

but it was a record almost a full week before they struck again ..

hang in there Key ...I know things will get done to fix it...

I will do as before add the urls to a blocking list in my comps host file

 

PS ..to all folks a bit techy you can add each address of each pop-up to your "hosts file" put 0.0.0.0 a space and the url ..it tells your computer to block that url ...!!!

Link to comment
Share on other sites

Please Register/ Sign In, in order to see the links.

Clear your browser's cache (selecting 'from the beginning of time') and the popups should be gone again.

 

Yes, the team is still working. They are surely taking their time with this...

Link to comment
Share on other sites

Just wanting to mention, I've had pop-ups using the chat, tonight (it's 2 in the afternoon right now around here, don't know where to look to tell you the exact time when that occured) and just now logging in there were new ones, too, when I tried typing in my password.

 

I hope that will be gone for good, soon.

I just joined the site like... maybe a month ago and I really fell in love with it.

It's just mean of those hackers to attack you.

 

But one question: I got my adblocker switched off, but I don't see any advertisement on the site at all.

Is this normal? Or... where should it be showing up?

Link to comment
Share on other sites

Please Register/ Sign In, in order to see the links.

Make sure to clear your browsers cookies as at the moment you shouldn't be receiving popups if your cache is clean.

 

You should be seeing ads at the bottom of the forums and in threads, after the first and last post (banner ads only).

Link to comment
Share on other sites

It's just that I can't log in my old account.. It was lost and when I tried to create a new account using my old e-mail add, it keep on saying E-mail is on use or something.. Also, I can't download bl novels.. What happened. I tried to go on BL novel members only forum, only the first page is available and the rest was gone..

Link to comment
Share on other sites

Please Register/ Sign In, in order to see the links.
,

 

I don't understand why are you posting here when this has nothing to do with the forums being hacked.

If you forgot your password, you could've requested a pass-recovery.

 

The BL section was divided in two, these for public viewing and where users can purchase the books

and for members only(downloads). Go to the downloading section, you will see it.

 

Have a good day.

Regards,

Saga

Link to comment
Share on other sites

Please Register/ Sign In, in order to see the links.

Please contact me in private (PM) for your problems, since, as Saga said, they are different from the topic of this thread.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share




×
×
  • Create New...

YaoiOtaku is a friendly community that has a lot to offer when it comes to everything yaoi - manga series, DJs, oneshots, anime, yaoi RPs and plenty of BL discussion topics.

Make sure to also check:

Yaoi Manga

KPop Profiles

Yaoi Dj

Manga Lotus