Millions of accounts from 25 hacked vBulletin forums being ‘sold’ on the dark web
The dark web has allegedly been flooded with millions of accounts from recently compromised vBulletin forums. A hacker, going by the pseudonym “Cfnt”, has reportedly claimed to have hacked 25 web forums, which were running on outdated versions of the vBulletin software.
The alleged hacked forums belong to various categories, including fitness, technology, network security, gaming, animations and entertainment. Among those compromised are forums such as Subagames.com, rappers.in, forums.spybot.info, cashcrate.com, codingforums.com, dcemu.co.uk, asia-team.net, dbforums.com and forums.3dtotal.com, HackRead reported.
Around 38 million accounts from the 25 hacked forums are now allegedly up for sale in a popular dark web marketplace. The hacked forums were allegedly running on vBulletin 4.x, which is vulnerable to be exploited by hackers via various methods, including SQL injection attacks. The security issue with this version was reported in June 2016, according to vBulletin support forums.
A warning to those using older vBulletin versions, posted by the vBulletin support forums last year reads: “A security issue was reported to us that affects vBulletin 4. We have released security patches for vBulletin 4.2.2 & 4.2.3 to account for this vulnerability. The issue could potentially allow attackers to perform SQL Injection attacks via the included Forumrunner add-on. It is recommended that all users update as soon as possible. If you’re using a version of vBulletin four older than 4.2.2, it is recommended that you upgrade to the latest version as soon as possible.”
Accounts from each of the forums are allegedly being sold for amounts ranging from $100 to $200 on the dark web. It is highly recommended that users with accounts on such vBulletin forums change their account passwords. As a precautionary method, users are also advised to use unique passwords for each of their accounts and not fall into the habit of reusing passwords as that can lead to further risk of being hacked.