45 Million Accounts Hacked At Some Of The Biggest Car Forums

Welcome to RCTalk

Come join other RC enthusiasts! You'll be able to discuss, share and private message with other members of our community.

Register Log in
This site may earn a commission from merchant affiliate
links, including eBay, Amazon, and others.
WoodiE

WoodiE

Kind of good admin
Administrator
Messages
15,858
Reaction score
2,654
Location
Lexington, KY
RC Driving Style
  1. Bashing
I know we've got a lot of car guys on here and if you're a member of other 1:1 car forums you might want to make sure they are not owned by a company called Vertical Scope - as all of their forums have been hacked!

"Lack of HTTPS encryption and the use of vulnerable older versions of the vBulletin forum software were other weaknesses in VerticalScope sites"

http://jalopnik.com/45-million-accounts-hacked-at-some-of-the-biggest-car-f-1782030203
 
WoodiE said:
I know we've got a lot of car guys on here and if you're a member of other 1:1 car forums you might want to make sure they are not owned by a company called Vertical Scope - as all of their forums have been hacked!

"Lack of HTTPS encryption and the use of vulnerable older versions of the vBulletin forum software were other weaknesses in VerticalScope sites"

http://jalopnik.com/45-million-accounts-hacked-at-some-of-the-biggest-car-f-1782030203
Click to expand...

I am on a 1.1 forum ,there was some funky stuff going on there yesterday ,the folks were complaining
about not being able to get into the gallery...:eek:
 
:eek:

That's a fair amount of data.

Change your passwords if you're on any of the affected sites and use your passwords elsewhere on the Internet.
 
Oh CrapI these guys own rccanada! I just want on yesterday for the first time in over a year, and saw no mention of it at all.
 
BurningRain said:
:eek:

That's a fair amount of data.

Change your passwords if you're on any of the affected sites and use your passwords elsewhere on the Internet.
Click to expand...

I can't stress enough, people should be using a good password manager to store their passwords which will allow them to use much more secure and random passwords (much better than 12345678) and never re-use passwords.

wacmartin said:
Oh CrapI these guys own rccanada! I just want on yesterday for the first time in over a year, and saw no mention of it at all.
Click to expand...

VS is doing an incredibly poor job informing their users what's going on. Not all of their sites have an announcement yet and those that do are simply being told passwords are being reset and are now being required to change every year. No mention of why they are doing this or the fact that all of their information has been leaked.

Here is a list of all their 1:1 car forums: http://www.verticalscope.com/automotive/site-list.html and a list of all their hobby forums: http://www.verticalscope.com/hobbies-collectibles/site-list.html - they have a lot more forums than just those two links as well!
 
WoodiE said:
I can't stress enough, people should be using a good password manager to store their passwords which will allow them to use much more secure and random passwords (much better than 12345678) and never re-use passwords
Click to expand...

I quite agree, I work in the security industry so you're preaching to the converted :D

If anyone is interested then KeePass is great in conjunction with KeeFox plugin for FireFox.
 
I saw the post about the passwords, and not one other thing about this was mentioned! I've made a new post about this issue and not one reply yet. It's a crappy forum with dwindling posts and crappt mods, theres a reason I never go on anymore
 
I got an email around 4 am from one I'm a member of (havent been on it in years) saying my password was reset.
 
slowngreen said:
I got an email around 4 am from one I'm a member of (havent been on it in years) saying my password was reset.
Click to expand...
If you use that password in other places, be sure to change those as well.
 
ninnon said:
Aren't we using SSL now?
Click to expand...
Yes, since early this year. You should be able to verify this by looking at your address bar and seeing the locked padlock like so:

https-rcnitrotalk-forum-png.17335
 
There have been a confirmed 0-day exploit for vBulletin and possibly used against Mac Forums, WHT, and possibly SSC.

As a reminder it's best that you do NOT re-use passwords from site to site and certainly if you're a member of ANY other forums that use vBulletin software to make sure you're using secure passwords.

Best solution would be to use a password manager like KeePass or LastPass to store your passwords. Both will auto generate passwords for you as well to ensure you are using strong passwords and not "123456".
 

Similar threads

majin
messed up and used banggood.
2
Replies
23
Views
780
WickedFog
WickedFog
Krawlin
Basher Build from a Racer's Perspective- Mugen MBX5R Prospec
Replies
7
Views
7K
Brady Matthews
Brady Matthews
WoodiE
  • Sticky
How to Solder Correctly
2
Replies
31
Views
36K
Roog
Roog
Back
Top