Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MBAM...anyone else receive this ??


  • Please log in to reply
14 replies to this topic

#1 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,082 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:55 AM

Posted 20 November 2014 - 08:45 PM

condobloke,

I'm writing to let you know that on November 10th a vulnerability in our
forum software allowed a hacker to gain access to the server hosting our
community. We have no evidence of any personal data being stolen (nor do
we store any on our forums!) but as a precautionary measure we are
forcing all users to reset their passwords. The next time you attempt to
log in, please select the "Forgot Your Password?" link below and follow the steps.

https://forums.malwarebytes.org/index.php?app=core&module=global&section=lostpass

We've also migrated our community away from our servers and onto a
service hosted by Invision Power Board. They know their software best
and as vulnerabilities are discovered, they can patch them more quickly.

I personally apologize for the inconvenience and if you have any
questions, do not hesitate to contact me directly at
[email protected]<script type="text/javascript">
/*  */
</script>.

Marcin


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:55 PM

Posted 20 November 2014 - 09:11 PM

I did via [mvpsectalk] email sent by Malwarebytes Forum...then forwarded to our distribution list.

I reset my password and noted the forum url had been changed from http://forums.malwarebytes.org//
to https://forums.malwarebytes.org/

See this topic.

Hi guys, Malwarebytes.org was not compromised, only the one server that is running this forum. Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that. The e-mails are still going out, should be done in a few hours. Purging user passwords was precautionary and since we just moved away from our servers and went to hosting the board with Invision, we used it as an opportunity.

Let me know if you have any questions or you can e-mail me :).


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 j4m3s

j4m3s

  • Members
  • 287 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 20 November 2014 - 09:15 PM

I have an account there but received nothing...strange. Seems prudent to change passwords just in case.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:55 PM

Posted 20 November 2014 - 09:17 PM

Yes go ahead and change your password.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 softeyes

softeyes

  • Members
  • 1,604 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:55 AM

Posted 20 November 2014 - 09:48 PM

Not good news for our Mbam pals

Helpful update- thanks

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:55 PM

Posted 20 November 2014 - 09:55 PM

As Marcin (RubbeR DuckY) noted...Invision is known for having vulnerabilities and gets exploited all the time. This is not the first security forum to experience this and most likely will not be the last.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 j4m3s

j4m3s

  • Members
  • 287 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 20 November 2014 - 09:58 PM

As Marcin (RubbeR DuckY) noted...Invision is known for having vulnerabilities and gets exploited all the time. This is not the first security forum to experience this and most likely will not be the last.

 

Unfortunately it seems that they are migrating to Invision instead of away from it, so it might not be the last time MBAM experiences it.



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:55 PM

Posted 20 November 2014 - 10:22 PM

Actually they have been using the Invision Power Board for quite a while. Bleeping Computer uses it too.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 j4m3s

j4m3s

  • Members
  • 287 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 20 November 2014 - 10:35 PM

Oh, interesting. Thanks for the info.



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:55 PM

Posted 20 November 2014 - 10:47 PM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:55 AM

Posted 21 November 2014 - 04:16 AM

For those Security Aware People who also use Malwarebytes Forum, please be aware of a login failure -

 

Basically, click on "Forgot Your Password?" link and Reset your new password ......

 

This, below was posted as an "open reply" by Marcin on the Malwarebytes Forum : :

I'm writing to let you know that on November 10th a vulnerability in our forum software allowed a hacker to gain access to the server hosting our community. We have no evidence of any personal data being stolen (nor do we store any on our forums!) but as a precautionary measure we are forcing all users to reset their passwords. The next time you attempt to log in, please select the "Forgot Your Password?" link below and follow the steps.

We've also migrated our community away from our servers and onto a service hosted by Invision Power Board. They know their software best and as vulnerabilities are discovered, they can patch them more quickly.

I personally apologize for the inconvenience and if you have any questions, do not hesitate to contact me directly.

Marcin

Edited to add Quote box


Edited by noknojon, 21 November 2014 - 02:43 PM.


#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:55 AM

Posted 21 November 2014 - 04:47 AM

I had not visited for a few days, and found it there also.

 

My Password was reset as above and no problems now ..

 

"In my error" I posted a similar topic under General Security (that can be removed if you wish).

 

The email was in my Spam Folder ? and I missed it till just now, as I went to empty it ..........



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:55 PM

Posted 21 November 2014 - 05:47 AM

I posted a similar topic under General Security (that can be removed if you wish).

I just merged it with this one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Freeroamer

Freeroamer

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:55 AM

Posted 22 November 2014 - 09:54 PM

Yah, I got this exact same thing..



#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,756 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:55 PM

Posted 22 November 2014 - 10:33 PM

Then be sure to change your password.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users