Tweet
Emergency Site Update
Hi. I'm Ted, the guy running the server, if you don't recall from my occasional posts in the years past.
I apologize for the trouble with the site overnight. Turns out that someone exploited a vulnerability in the vbulletin software to install a cryptcurrency mining application on the system (running only as the webserver user) while I was on a business trip to Atlanta and not as attentive as usual. I didn't spot it until last night. I cleaned up the mess and built preventative measures but didn't get time to update vbulletin. I missed one detail which i think was causing errors over night on the forum. My fault, my apologies.
Here's a post from vbulletin about the Security Patch. https://forum.vbulletin.com/forum/vb...-5-3-and-5-5-4 Not very specific, but i believe this is related to the incident.
As well as the cleanup, I made time this morning to update the vbulletin. We're on the current version now.
Took me longer than expected to sort out the cause of upgrade issues because I was also wrestling with two pups who thought fighting through the office space was the best idea.
(Dog pics let me test and fix up the attachments that weren't working after the update.)
I think we're back to everything working. But if not, reply here and i'll troubleshoot whatever is still an issue.
Oh, and regarding the "incident", none of your data or info was available to the guy with the crypto miner. All he could do was do things as the webserver. So he could not see into the config files that had info to talk to the database. He just started up his little program as the webserver and was earning himself probable a dime a day at our expense.
Hopefully that's the last we see of him after the several fixes.
I apologize for the trouble with the site overnight. Turns out that someone exploited a vulnerability in the vbulletin software to install a cryptcurrency mining application on the system (running only as the webserver user) while I was on a business trip to Atlanta and not as attentive as usual. I didn't spot it until last night. I cleaned up the mess and built preventative measures but didn't get time to update vbulletin. I missed one detail which i think was causing errors over night on the forum. My fault, my apologies.
Here's a post from vbulletin about the Security Patch. https://forum.vbulletin.com/forum/vb...-5-3-and-5-5-4 Not very specific, but i believe this is related to the incident.
As well as the cleanup, I made time this morning to update the vbulletin. We're on the current version now.
Took me longer than expected to sort out the cause of upgrade issues because I was also wrestling with two pups who thought fighting through the office space was the best idea.
(Dog pics let me test and fix up the attachments that weren't working after the update.)
I think we're back to everything working. But if not, reply here and i'll troubleshoot whatever is still an issue.
Oh, and regarding the "incident", none of your data or info was available to the guy with the crypto miner. All he could do was do things as the webserver. So he could not see into the config files that had info to talk to the database. He just started up his little program as the webserver and was earning himself probable a dime a day at our expense.
Hopefully that's the last we see of him after the several fixes.
Comment