sfx2000
Part of the Furniture
VerticalScope hosts forums for roughly 1,100 websites across different interest areas - roughly 45M accounts have been obtained, and are actively being attacked.
If you're not certain if the forums you also participate are hosted or not by VerticalScope, check their Main WWW site - http://www.verticalscope.com
If you're not certain if the forums you also participate are hosted or not by VerticalScope, check their Main WWW site - http://www.verticalscope.com
Visitors to many popular car, sports and tech websites including VWVortex, The Truth About Cars, Pirate 4x4, Focus Fanatics, EvoXForums, and AutoGuide should change their passwords ASAP, reports ZDNet. 45 million accounts hosted on VerticalScope’s 1,100 sites have been compromised by hackers.
[Full disclosure: I’ve done some freelance work for The Truth About Cars before, so yep, I’ve got to change my password, too.]
Experts at LeakedSource, a breach notification website, believe that VerticalScope, which owns sites like VWVortex and TTAC, may have stored too much data in one or several connected servers. The volume of data cracking one server may have given hackers access to several others, as they say, “there is no other way to explain a theft on such a large scale.”
Furthermore, a database sample given to ZDNet shows passwords that were hashed and salted with MD5, an obsolete method that is now too easy to decipher. In addition to passwords, email addresses, the site visited and a user’s IP information (which can be sometimes be used to determine location) are all listed in conjunction with the usernames that were compromised.
Lack of HTTPS encryption and the use of vulnerable older versions of the vBulletin forum software were other weaknesses in VerticalScope sites noted by ZDNet. So far, they note, the data has not appeared for sale on the dark web.
[Full disclosure: I’ve done some freelance work for The Truth About Cars before, so yep, I’ve got to change my password, too.]
Experts at LeakedSource, a breach notification website, believe that VerticalScope, which owns sites like VWVortex and TTAC, may have stored too much data in one or several connected servers. The volume of data cracking one server may have given hackers access to several others, as they say, “there is no other way to explain a theft on such a large scale.”
Furthermore, a database sample given to ZDNet shows passwords that were hashed and salted with MD5, an obsolete method that is now too easy to decipher. In addition to passwords, email addresses, the site visited and a user’s IP information (which can be sometimes be used to determine location) are all listed in conjunction with the usernames that were compromised.
Lack of HTTPS encryption and the use of vulnerable older versions of the vBulletin forum software were other weaknesses in VerticalScope sites noted by ZDNet. So far, they note, the data has not appeared for sale on the dark web.
