amuck-landowner

Ubuntu Forums Hacked

Zach

New Member
Verified Provider
My friend just showed me this over skype - http://ubuntuforums.org/announce.html.

http://www.zdnet.com/ubuntu-forums-hacked-1-82m-logins-email-addresses-stolen-7000018336/

What we know

Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database.

The passwords are not stored in plain text. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.

Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.
 
Last edited by a moderator:

kaniini

Beware the bunny-rabbit!
Verified Provider
Well, they are using vBulletin MD5 hashing.  So, I would just assume your password to be owned now, as IIRC that isn't even salted.  Or the salt is the same for all passwords.  Or something silly like that.

Good thing I use crappy passwords for sites like those.
 

MannDude

Just a dude
vpsBoard Founder
Moderator
Yikes! At least they gave a proper and immediate response and chose to announce what may not be common sense for every user, that being the importance of changing any password that may be the same elsewhere that it was there.
 

wlanboy

Content Contributer
Thank god that I am using a password manager and random generated passwords per forum.
 
Last edited by a moderator:

sv01

Slow but sure
sadly :( why someone attack website run by volunteer ? free of speech, free distro, free knowledge
 

WebSearchingPro

VPS Peddler
Verified Provider
Smells like summer!

But in all seriousness its a shame that someone would think of doing that to an org. that provides so much to the "hacker" community in way of linux development and spreading adoption.  
 

scv

Massive Nerd
Verified Provider
Their definition of 'hacker' doesn't match up to the skid's definition of 'hacker' though. The good part is that it was defaced, tells you the kid's green behind the ears and probably didn't do anything exceptionally nefarious.
 

jarland

The ocean is digital
Well that works. I can't say I care much about my Ubuntu forums account or the password used on it (old one that was leaked well over a year ago elsewhere). Pretty useless forum for the most part. The ratio of questions to answers is just insane and it makes the forum less approachable.
 

wlanboy

Content Contributer
I have read through some of the IRC logs...

  • 1.8 million accounts leaked
  • did not update vBulletin
  • did not protect the admin panel
What a mess.

I really can't believe that someone hacked an .org community.

PS:

The source of the defaced site.

And the background music.
 
Last edited by a moderator:

Aldryic C'boas

The Pony
why someone attack website run by volunteer ?
 
its a shame that someone would think of doing that to an org.
 
I really can't believe that someone hacked an .org community.
It's really not all that surprising. Honestly, if you've been under the belief that skids do things for any reason other than immaturity and amusement, then you've been deluding yourself. There are some (including one on this forum) that claim to do things 'for a greater good' or other such bullshit - at the end of the day, they're just kids turned loose with a hammer. Breaking things 1) because they can, 2) because it amuses them, 3) because they haven't had a real sense of personal responsibility driven into them yet. Doesn't matter who or what is getting broken to them.
 

kaniini

Beware the bunny-rabbit!
Verified Provider
I really can't believe that someone hacked an .org community.
It seems kinda obvious to me... ubuntuforums.org is a high traffic site, so if you're a skid and you want to show people how much of an alleged badass you are, it'd be a pretty good target.  Plus, there's the "lulz value" that skids enjoy so much.
 

peterw

New Member
they're just kids turned loose with a hammer. Breaking things 1) because they can, 2) because it amuses them, 3) because they haven't had a real sense of personal responsibility driven into them yet.
You cannot attach importance to something if you never build up something of worth by yourself.

What drives them? A mixture of envy and inferiority complex. It's their only way to gain attention because they are not able to do anything that needs more than 5 minutes of work.
 
Top
amuck-landowner