I really thought someone is messing with my Wifi and I was a victim of a Man-In-Middle Attack, until I googled about it.
Yes, the Ubuntu Forums have been hacked. The attacker took over the entire database of it.
They have every user's local username , password and e-mail address.
While the data from the forums has been compromised they stress that other Ubuntu/Canonical services such as Launchpad, Ubuntu One, ' are not affected by the breach'.
What Happened ?
Reports of the forums being ‘defaced’ surfaced on late Saturday (July 20th). The main page was redirected to that of an image touting a twitter account – @Spuntn1k_ – and text that read: “You dun goofed, it’s as simple as that”.
Early Twitter accounts of the hack say that an unspecified music track was also played when accessing the homepage.
So how did this happen? That’s the question Canonical will be trying to find out as soon as possible.
A Security blog , Sucuri, suggest that the hack may have been achieved due to lax protection on the backend. According to an unnamed source they've been told that the forum was running an outdated version of vBulletin that ‘didn't have the admin panel protected’.
Canonical has since redressed the breach, replacing the image with an announcement on what happened so far.
Hope Ubuntu Forum get well soon...
No comments:
Post a Comment