FreakTab Database Leak


    Members of Freaktab, best of the Holiday Season to you all.
    As you may recall, in September 2019 the software that controls our forum (vBulletin) and many others worldwide had a data breach,
    and this event did cause Freaktab to be offline for many days while the problem was being resolved by vBulletin.
    The failure of the vBulletin software package was well published on the Internet
    (https://www.zdnet.com/article/anonymous-researcher-drops-vbulletin-zero-day-impacting-tens-of-thousands-of-sites/).

    The warning to all was to update your information when calm had returned and the fix was put in place by vBulletin.
    Just a reminder for those who may have missed this and did not heed the warning: ensure you have updated your passwords.


    And stay safe this festive season.

    Ray aka Neomode
    Last edited by trebor; 12-20-2019, 08:54.


    #2
    Hmm.. that's not cool...
    It's listed here:
    https://leak-lookup.com/databases
    freaktab.com date 2019-10-28 password : 124,032
    Size : 120 mb



      #3
      Yes, right, it is not cool, but let me say it was not directly our fault.
      We have a really secure setup of our webserver and the server.
      The problem was this 0-day security bug in vBulletin that the hacker released in the wild before a patch was available.
      With this security bug, it was possible to get access to the file system and change vBulletin so that we all only saw a redirect site instead of our forum.
      Also, vBulletin saves the password / username for the database in a config file, normally no problem.
      But thanks to the 0-day security bug they could read it out and transfer the database.
      We did not know that they had done it; after we were aware of the attack we shut down our servers and made everything new.
      So it should not happen again.
      Once again we are really sorry for that data leak, but on the other hand let me say the passwords are safe.
      Because they are encrypted in the database, you can't read them out directly. You have to do some hard work to get them.
      Also, the database size of only 120MB is not the whole database; the Freaktab database has a size of 3GB!
      So once again for the users: please change your passwords just in case.
      Also, for the IP addresses in the leak, no worry: we are using Cloudflare CDN, which means all IP addresses we have are pointing to Cloudflare and not your IP address!


      Neomode







        #4
        I know it's not Freaktab's fault: as I saw Gibson talk on YouTube (security news).
        But I was not aware.. that they took the user/passwords of Freaktab (I was hoping Freaktab was down to avoid this leak)
        see:

        search : Vbulletin
        He said: "The recent vBulletin pre-auth RCE zero-day disclosed by a researcher on full disclosure looks like a bug door, a perfect candidate for PwnieAwards in 2020. Easy to spot and exploit. Many researchers" - this is his tweet. "Many researchers were selling this exploit for years. Zerodium customers were aware of it since three years." In other words, for the past three years, any Zerodium customer who wished to could quietly execute any command they wished on the server of anyone running vBulletin, while in the meantime knowingly leaving every vBulletin system in the world wide open and exposed.
        anyway.. I changed my passwords...



          #5
          Thanks for your understanding.
          We were not aware that they dumped the database; we have known it for 2 days.

          Regards
          Ray




            #6
            Hi,

            even Gmail was on that list,

            greetings / gefattern



              #7
              This is really bad news, data leaks still occur in some cases!
