Entire vbulletin.org website is duplicated

[joelr]

Ironically, this was posted on the XF forums of all places.

This is not an anti-advertisement as it might seem. I simply can't post on the company's forum because a license is required. They don't respond to my emails, so I’m writing here.

I wrote to the vBulletin company administration, informing them that a group of Russian hackers is stealing entire forums and launching them on new domains. They didn’t respond to my emails. Yes, it’s hard to believe, and I can’t prove it because from the outside, it looks like a fully functioning forum with no errors, complete with messages dating back 10 years, and it's unclear who the owner is. Yes, vBulletin could always say that the vulnerability is somewhere else, like in the hosting or other software.

But recently, the situation changed. Russian hackers completely stole the forum of the vBulletin company itself – vbulletin.org – and re-uploaded it to a new address: vborg.vbsupport.ru

https://xenforo.com/community/threads/using-vbulletin-3-8-is-dangerous.224887/

 

[Darth Cognus]

I'd actually like to know how they do this not to steal someone's forum, but to make a backup of a site that has a completely absent owner and where the content could end up irreparably lost if the plug is just pulled without notice one day.

But the board I'm thinking of is 4.x so maybe it doesn't apply in the first place.

 

[joelr]

I'd actually like to know how they do this not to steal someone's forum, but to make a backup of a site that has a completely absent owner and where the content could end up irreparably lost if the plug is just pulled without notice one day.

But the board I'm thinking of is 4.x so maybe it doesn't apply in the first place.

Think of all the absent forums we could save!

 

[Ravenfreak]

I'd actually like to know how they do this not to steal someone's forum, but to make a backup of a site that has a completely absent owner and where the content could end up irreparably lost if the plug is just pulled without notice one day.

But the board I'm thinking of is 4.x so maybe it doesn't apply in the first place.

There's scrapers that can crawl a site and steal posts, themes, etc. I'm sure this is how these Russian hackers were able to copy/paste the vBulletin.org site. Though the site itself is dead now and all support is on their main forum which is on the forum.vbulletin.com domain name.

 

[Joeychgo]

There's scrapers that can crawl a site and steal posts, themes, etc. I'm sure this is how these Russian hackers were able to copy/paste the vBulletin.org site. Though the site itself is dead now and all support is on their main forum which is on the forum.vbulletin.com domain name.

except someone reported they were able to login to the russian site with their existing username and password. If true, wouldnt that mean the entire database was stolen instead off the site just being scraped?

 

[Ravenfreak]

except someone reported they were able to login to the russian site with their existing username and password. If true, wouldnt that mean the entire database was stolen instead off the site just being scraped?

They probably stole the database and the site's code. Either way it's sketchy but the site did use an outdated version of vBulletin. I know many people preferred that version of the software and it's probably why the site was online for so long.