Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

Malwarebytes.org Comprimised?


Recommended Posts

Hi,

 

I've just received an email purporting to be from Malwarebytes.org stating the following:

 

 

I'm writing to let you know that on November 10th a vulnerability in our forum software allowed a hacker to gain access to the server hosting our community. We have no evidence of any personal data being stolen (nor do we store any on our forums!) but as a precautionary measure we are forcing all users to reset their passwords. The next time you attempt to log in, please select the "Forgot Your Password?" link below and follow the steps.

 

 

 

Could anyone clarify please?

 

 

Regards

Link to post
Share on other sites

  • Root Admin

Hi guys, Malwarebytes.org was not compromised, only the one server that is running this forum. Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that. The e-mails are still going out, should be done in a few hours. Purging user passwords was precautionary and since we just moved away from our servers and went to hosting the board with Invision, we used it as an opportunity.

 

Let me know if you have any questions or you can e-mail me :).

Link to post
Share on other sites

Hi guys, Malwarebytes.org was not compromised, only the one server that is running this forum. Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that. The e-mails are still going out, should be done in a few hours. Purging user passwords was precautionary and since we just moved away from our servers and went to hosting the board with Invision, we used it as an opportunity.

 

Let me know if you have any questions or you can e-mail me :).

Moving from your own server to an insecure site isn't really a smart move. Especially not for a Malware prevention company.  :o

Link to post
Share on other sites

Hi guys, Malwarebytes.org was not compromised, only the one server that is running this forum. Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that. The e-mails are still going out, should be done in a few hours. Purging user passwords was precautionary and since we just moved away from our servers and went to hosting the board with Invision, we used it as an opportunity.

 

Let me know if you have any questions or you can e-mail me :).

 

I don't understand your statement. Perhaps I'm misreading it. Could you please clarify?

 

Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that.

 

 

Why were you using Invision if that's the case? And no user data has been compromised? E-mail addresses? Passwords? Nothing else?

 

 

Purging user passwords was precautionary and since we just moved away from our servers and went to hosting the board with Invision, we used it as an opportunity.

 

 

This is where I'm further confused. Were you on your own servers before recently choosing to move to Invision? Was the Forum compromised after the move to Invision? If Invision, as you stated earlier, "is known for having vulnerabilities and is exploited all the time", has MB stopped hosting with them? Is the decision on who hosts restricted by the Board software package?

 

TIA

Link to post
Share on other sites

I never received any email.  I logged out, tried to log back in and got the expected message about having an incorrect user name or password.

 

Just as a heads up for the admins or owners of this site, it took 3 attempts clicking on the "forgot password" link to receive any email required to reset it. I waited about 15 mins between each request, and with the 3rd request the email was sent immediately.

Link to post
Share on other sites

I too have a copy of the email. It looks like Phishing, even smells like Phishing. Not even a logo,

I don't remember this ever happening with Malwarebytes before.

 

After moving the "community" onto a known weak and vunberable hosting service, hundreds of, if not thousands of people will see the email as a Phish, and igniore it. Others who follow through, will ponder the reliability and security of Malwarebytes - I am!
 
I am floored - that Malwarebytes would share pillows with a host known for it's flawed software - even if they do catch and patch quickly. It certainly raises eyebrows, and invites a sense of distrust in Malwarebytes, even if the full blame is put on Invision.
 
I don't need to be in the forums/community and only diseceted the headers to ensure it actually came from Malwarebytes - and as suspicious as it still looked, changed my password.

 

Now to request that my Forum/Community/Support account be deleted.

 

i

Link to post
Share on other sites

Hi guys, Malwarebytes.org was not compromised, only the one server that is running this forum. Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that. The e-mails are still going out, should be done in a few hours. Purging user passwords was precautionary and since we just moved away from our servers and went to hosting the board with Invision, we used it as an opportunity.

 

Let me know if you have any questions or you can e-mail me :).

 

Since I might've furthered confusion on this issue HERE --

 

I didn't receive a notification about this issue from MB. An associate notified me.

 

When Marcin says -- " ..... Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that....."

 

This is where I got confused. I think he's speaking there to the IP.Board software package regardless of who hosts the Forum. IP = Invision Power. He's not saying their hosting service is more vulnerable to exploits.

 

The decision to move over to Invision's hosting services was so that when a vulnerability is found, they have direct access to the forum software and lock down the issues.

 

His brief answer here implies that that's the case. With IP. Board having direct access, presumably, any discovered vulnerabilities will be immediately closed.

 

[ MODS -- If my interpretation is correct in this post, please delete my earlier one if it adds to or creates confusion.]

 

From what I've read, IP. Board has been exploited frequently including at security forums. Which begs a few questions.

 

TIA

Link to post
Share on other sites

From what I've read, IP. Board has been exploited frequently including at security forums. Which begs a few questions.

 

Considering that "reports say" the White House and many large companies are often compromised, the MBAM personal record is very good.

 

I don't remember this ever happening with Malwarebytes before.

@ Internaut : This shows the personal security level applied here.

Link to post
Share on other sites

Considering that "reports say" the White House and many large companies are often compromised, the MBAM personal record is very good.

 

.....SNIP

 

 

Comparing a security company to either of those entities is like pitting  a MLB team against a AAA squad. Most government security is hampered by its own weight and most large companies are notorious for shortchanging their security budget. But I do get your point.

 

On this issue, this statement has validity I would ask then, rhetorically, why change that which has worked?

 

It's disheartening when something like this happens and especially so when it happens to a security outfit. MB reports that no user data was compromised --- excellent. This incident, minor though it may have been, is a another reminder to each of us to stay vigilant as to where we keep our stuff.

 

Good Evening.

Link to post
Share on other sites

  • gonzo locked this topic
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.