At approximately 3am GMT+0 on Feb 4th we discovered that we believe through an exploit in vBSEO there was a PHP drop-script (a script that doesn't trigger antivirus alerts, but is intended to execute malicious code on your server) placed in some of our modifications in the past 9 hours approx. (For those who run VBSEO you should follow the instructions here, if you have not done so already *vBSEO Security Bulletin* All Supported Versions: Patch Release - vBulletin SEO Forums). If you use vBSEO you should also clear your cookies.
The only people affected by this are people who downloaded the following modifications any time after 17:55 GMT+0 on Feb 3rd.:
The following files are NOT intended to be there and should be deleted immediately if found on your server:
If you have not received a PM/email from us we have NO reason to believe you have been affected, and this announcement is being made purely in the interests of completely open communication with our users/customers. Only 3 customers were potentially affected.
We apologise for the inconvenience
Discuss this news here.
The only people affected by this are people who downloaded the following modifications any time after 17:55 GMT+0 on Feb 3rd.:
- vBShout 5.4.8, 6.0.0 or 6.0.1
- vBOptimise 2.0.1, 2.3.0 or 3.0.0 beta
- vBSlider 1.0.6 or 1.0.7
- vBSecurity 1.0.1
The following files are NOT intended to be there and should be deleted immediately if found on your server:
- dbtech/vbsecurity/hooks/index.php
- dbtech/vbshout/hooks/index.php
- dbtech/vbshout_pro/hooks/index.php
- dbtech/vbslider/hooks/index.php
- includes/xml/index.php
- vb/cache/observer/index.php
- vboptimise/images/index.php
If you have not received a PM/email from us we have NO reason to believe you have been affected, and this announcement is being made purely in the interests of completely open communication with our users/customers. Only 3 customers were potentially affected.
We apologise for the inconvenience
Discuss this news here.
