Ubuntu Forums Hacked, User Data Stolen!!!

Ubuntu Forums hacked again

Ubuntu Forums has been hacked, again. Again, because Ubuntu Forums were hacked back in 2013 as well. Last time around 1.8 million users were impacted and this time, over 2 million users have their data stolen.

Unlike the last time, users’ passwords are safe this time. However, users’ name, IP addresses and most importantly, their email address have been stolen.

So if you were using Ubuntu Forums, get prepared to get spam emails (Nigerian prince is going to make you an offer you must refuse) as most likely your email address will be sold to various scammers.

How did it happen?

Canonical CEO Jane Silber revealed the details of the security breach in a blog post. If you follow hacking news and you have an interest in hacking and stuff, you would get the obvious culprit of the forums hack.

Yes, you guessed it right! It was an SQL injection. For those who are not aware of it, SQL injection is one of the most common hacking technique used mostly against forums like websites. SQL injection was the most used hacking technique in the year 2015.

According to Jane, “there was a known SQL injection vulnerability in the Forumrunner add-on in the Forums which had not yet been patched”. As Ubuntu Forums uses Ubuntu Single Sign On for login, the passwords are safe.

In fact, Canonical wasn’t even aware of this successful hack until someone started selling/claiming Ubuntu Forum userbase. Once alerted, they took the swift action and after taking corrective actions full service of the Forums has been restored.

What do we know about the Ubuntu Forums hack?

To give you quick points about this hack and its details, I would summarize it in the following points:

  • 2 million users of Ubuntu Forums impacted
  • IP address and email address have been stolen by the hackers
  • Valid use passwords are safe
  • Ubuntu code repository and update mechanism are safe
  • Canonical ‘thinks’ that the attackers were NOT able to gain any access to any other Canonical or Ubuntu services
  • Vulnerability has been patched
  • Full service of the Ubuntu Forums has been resumed

How will Ubuntu Forums hack impact you?

If we go by Canonical’s words, your password is safe but as your email address has been leaked, you should be extra cautious about the kind of emails you receive. Don’t open attachments from emails if you don’t know the sender, don’t believe that you have won a lottery or a Libyan aristocrat is willing to marry you.

You should also remain vigilant about other kinds of email phishing scams.

What do you think?

It was not long back when we had the scare of Linux Mint hack and now Ubuntu has been targeted. As they say “a chain is only as strong as its weakest link” and this comes true for the Ubuntu Forums hack which was compromised because of an SQL injection vulnerability in a plugin.

Silly hacks (silly because SQL injection is favorite weapon of even script kiddies) like this, can only be avoided if proper security mechanism is put in place. It’s good that Canonical has used Single Sign On so the passwords are still safe but a better security around its web assets will be better for both Canonical’s reputation and users’ trust.

What do you think of the Ubuntu Forums hack?

Similar Posts

  • Pretty funny really – it certainly makes Linux admins look very stupid, just like the time before and the Mint episode. Duh

    • All things have vulnerability. This is why all passwords, salts and hash’ are used to encrypt passwords in every site and community. Vulnerability is everywhere, even in my modem.
      Just like with Adobe in 2013, but much worse: 2.9 millions and all credit cards, transaction information has been stolen, but obviously, all these data has encrypted. Some times we don’t notice, these paid or high-end services does not have the courage to say that they got cracked for 349-th times, because they will lose trust and customer ?

      I am just reminding how these services are vulnerable for people,as we, are using. Vulnerability is an invisible thing – Someone need to make these vulnerability “public”, cracking, and drawing the attention of the Service owner to fix these vulnerability. Its same thing as “I don’t see my mistakes, but others see.”

  • Security should be #1 priority. Where I come from, there is a saying: “he who has no brains, has legs”.
    Meaning that when you do something without thinking you will be running afterwards
    (so you make it right as soon as possible with double the effort, because you didn’t think of it right at the first place).

  • I like Linux, but I really don’t understand how the most important computer science community is not able to securize more their stuff. That’s a mistery for me.