Ubuntu Forums Hacked

oralfloss
Joined: 06/20/2013

https://ubuntuforums.org/announce.html/

This is a warning/notification to anyone who used to use Ubuntu forums, as I know some people here get their Trisquel help from there sometimes.

From their description of the announcement, it sounds a lot like their website was subject to a well-played SQL injection. Many websites have methods of filtering out attacks like this but there are many brute-force crackers who can eventually bypass the filters.

They claim that the passwords are encrypted, but as someone who is somewhat knowledgeable on SQL, I can say they likely used a one-way encryption method like SHA1 or MD5. This means that if you had a weak password, anyone could easily reverse the hash using a rainbow table (or one of the many websites that already have a huge collection of hash cracks easily available). Let this be a warning to anyone in the future who uses a weak password for any websites.
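The difference between an unsalted fast hash and a salted, iterated one, as an added example that is not part of the original post or of any Ubuntu Forums code. The user names, passwords, the three-entry `COMMON` list and the iteration count are constructed for the demonstration; PBKDF2 stands in for whichever slow password hash a site chooses.

```python
import hashlib
import hmac
import os

# Constructed sample accounts: two users share the same weak password.
USERS = [("alice", "letmein"), ("bob", "letmein"), ("carol", "T7#rq-Vz9!pLw2")]
# Constructed stand-in for a precomputed table of common passwords.
COMMON = ["123456", "password", "letmein"]
ITERATIONS = 200_000  # assumed work factor for this demo


def unsalted_md5(password):
    """Fast, unsalted digest: the same password always gives the same value."""
    return hashlib.md5(password.encode()).hexdigest()


def salted_pbkdf2(password, salt=None):
    """Per-user random salt plus an iterated KDF; returns (salt, derived_key)."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify(password, salt, expected):
    """Recompute with the stored salt and compare in constant time."""
    _, key = salted_pbkdf2(password, salt)
    return hmac.compare_digest(key, expected)


def exposed_by_table(stored):
    """Users whose unsalted digest appears in the precomputed table."""
    table = {unsalted_md5(p) for p in COMMON}
    return sorted(user for user, digest in stored.items() if digest in table)


def demo():
    weak = {u: unsalted_md5(p) for u, p in USERS}
    strong = {u: salted_pbkdf2(p) for u, p in USERS}
    return {
        "unsalted_same": weak["alice"] == weak["bob"],
        "salted_same": strong["alice"][1] == strong["bob"][1],
        "exposed": exposed_by_table(weak),
        "verify_ok": verify("letmein", *strong["alice"]),
        "verify_bad": verify("wrong", *strong["alice"]),
    }


if __name__ == "__main__":
    print(demo())
```

A per-user salt removes the value of a precomputed table and hides password re-use between accounts, but a weak password can still be guessed one account at a time, which is why the iteration count matters as well.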

oralfloss
Joined: 06/20/2013

It seems as though ubuntuforums has no SSL encryption at the moment. If you want to see the announcement use this link instead:

http://ubuntuforums.org/announce.html/

MagicFab
Joined: 12/13/2010

On 2013-07-20 22:52, name at domain wrote:
> They claim that the passwords are encrypted, but as someone who is
> somewhat knowledgeable on SQL, I can say they likely used a
> one-way encryption method like SHA1 or MD5. This means that if you
> had a weak password, anyone could easily reverse the hash using a
> rainbow table (or one of the many websites that already have a huge
> collection of hash cracks easily available). Let this be a warning
> to anyone in the future who uses a weak password for any websites.

A weak password, re-use of passwords, etc...

While on the subject:

Ubuntuforums.org cracker promises no password release

http://www.theregister.co.uk/2013/07/23/ubuntuforums_cracker_promises_no_password_release/

F.

--
Fabián Rodríguez
http://fsf.magicfab.ca