



Yesterday, Inj3ct0r Team of the Exploit Database website 1337Day claimed responsibility for the hack and also claimed that they have hacked the official website of vBulletin Forum using a Zero Day exploit.

"Macrumors.com was based on vBulletin CMS. We use our 0day exploit vBulletin, got password moderator. 860000 user data hacked too. The network security is a myth," he told me.

During the conversation, the team leader told me that he has discovered a Zero Day Remote Code Execution vulnerability in vBulletin v4.x.x and 5.x.x that allows an attacker to execute arbitrary code on the server end remotely.





On their exploit marketplace they are also selling this zero day exploit with Shell Upload payload at $7000 USD.

"We found a critical vulnerability in all vBulletin versions 4.x.x and 5.x.x. We have successfully uploaded our shell on the official vbulletin server and dumped their database after getting root access. All those wishing to buy this vulnerability and patch their forums can get the exploit from our site," he added.





As proof of concept, they have shared some screenshots of the vBulletin database and server shell.

















The official vBulletin team also admitted the breach and issued a warning note via e-mail and company forum post, urging customers to change their passwords as soon as possible.

"Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password."





However, if the credentials of such forums or sites are somehow compromised, the fact that many people use the same passwords for their other accounts gives the attacker a much easier way to compromise the highest-value targets. So please always use different passwords for different websites.

Update: The forum of DEF CON, the world's biggest hacking conference, also went down because of the vBulletin zero day exploit in the wild.

"We have disabled the forums until there is resolution on a possible vulnerability. Once we have a fix/patch installed, we'll re-open service. Thanks! Sorry about the down-time."