MalwareBytes, the world famous anti-malware & Anti Virus company’s forum has recently found that its forum was compromised on Monday, 10th November.
The Antivirus company has sent emails to its forum members accepting that their forum was compromised & ensures that no personal data was stolen, nor any data is stored on their forum.
In a forum post, Marcin Kleczynski ( founder of MalwareBytes ) replied to one of its member’s query about an official email notification revealing that MalwareBytes forum was compromised. Marcin Kleczynski accepted that company’s forum forums.malwarebytes.org was hacked, but its website wasn’t compromised. He also said that the hosting provider in which their forum is hosted was hacked, allowing hackers to further take over the forum.
“Hi guys, Malwarebytes.org was not compromised, only the one server that is running this forum. Invision is known for having vulnerabilities and gets exploited all the time, unfortunately we fell victim to that. The e-mails are still going out, should be done in a few hours. Purging user passwords was precautionary and since we just moved away from our servers and went tohosting the board with Invision, we used it as an opportunity.”
The email sent by Malwarebytes to its members :
”I’m writing to let you know that on November 10th a vulnerability in our forum software allowed a hacker to gain access to the server hosting our community. We have no evidence of any personal data being stolen (nor do we store any on our forums!) but as a precautionary measure we are forcing all users to reset their passwords. The next time you attempt to log in, please select the “Forgot Your Password?” link below and follow the steps.”
One of the forum member ”Daledoc1” said that as a result of hack, Malwarebytes forum was ”intermittently” offline. Malwarebytes is facing criticism by other forum members for hosting the server on a third party server.