or Connect
EpicSki › The Barking Bear Forums › On the Snow (Skiing Forums) › General Skiing Discussion › Ski Forums Hacked All Over The Net
New Posts  All Forums:Forum Nav:

Ski Forums Hacked All Over The Net

post #1 of 11
Thread Starter 
Looks like TGR is the latest victim
post #2 of 11
Tgr, Liftlines, firsttracks and Telemark Talk have all been hit. AC and DCHAN better be on high alert.
post #3 of 11
post #4 of 11
no, the upgrade borked the board. Not hacked. Just talked to ONS in the chat.
post #5 of 11
It's a known PHP snafu, and phpBB is known to be an easy victim. I'm not sure about vBulletin.

The fast rule: make sure your PHP installation is up-to-date and that your admin password is really strong.
post #6 of 11
First tracks was hit twice! Here is a portion of an email that subscribers there got tonight:
Hello friends,
Some days, it just doesn't pay to get out of bed.

Our Liftlines user forums at First Tracks!! Online Ski Magazine were hacked today, not once, but twice. A combination of security vulnerabilities has affected over 40,000 websites this week that run the forum software that runs Liftlines, and we were not immune. As soon as we restored our forums from a backup, hackers struck again. Diligent efforts to secure and restore Liftlines today resulted in a delay in publishing our Ski News, and for that we apologize to our readers.
post #7 of 11
It would be helpful if you could let us know specifically (as much detail as possible) what happedned to the other sites.

post #8 of 11
seems as though biglines.com ( a candian ski and snowboarding community based in calgary ) is down aswell.
post #9 of 11
I'm not sure about those sites but the computer and web magazines I get e-mail bulletins from say that phpBB has a known security flaw that was being victimezed last week. Here is an article from eWeek:

post #10 of 11
AC - I believe Owens at TGR installed a patch for it. Might check with him if you haven't got it.
post #11 of 11

PHP Vulnerability description

I have a Virtual Private Server with Verio and got this notice from them. this may be what's causing the vbulletin issues on other forums.

If you currently use PHP (versions prior to 4.3.10), you may be susceptible to a vulnerability through the "unserialize" function. This could allow a remote user access to your web server content. If you are using an older version of PHP, we strongly recommend that you upgrade as soon as possible.
To upgrade to PHP 4.3.10, run the following command from your VPS shell
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Skiing Discussion
EpicSki › The Barking Bear Forums › On the Snow (Skiing Forums) › General Skiing Discussion › Ski Forums Hacked All Over The Net