Monday, 18 July 2016

Canonical warns of Ubuntu forum hack

In an article, Canonical announced a security breach of the Ubuntu Forums carried out with a widely known hacking technique, SQL injection. The breach was discovered on July 14th, after an Ubuntu Forums Council member notified Canonical's IS team that a person was claiming to have a copy of the Forums database.

[Image: Ubuntu Forum screenshot. Source: UbuntuForums.org]

The hackers used SQL injection to read data from the user tables, gaining access to the usernames, email addresses and IP addresses of more than 2 million users. Since the Ubuntu Forums use single sign-on for logins, no active passwords were accessed.

Canonical also claims that the attacker was not able to access the Ubuntu code repository or user passwords. Nor were they able to escalate past remote SQL read access and gain remote SQL write access to the Forums database.

If you are unaware, the Ubuntu Forums are a Q&A site for Ubuntu users. Canonical found that the breach was due to a vulnerability in the third-party vBulletin platform that powers the forum, and they have patched it. They backed up the servers running vBulletin, wiped them clean and rebuilt them from the ground up. They also reset the system and database passwords. Monitoring of the third-party vBulletin software has been tightened, and ModSecurity, a web application firewall, has been installed to help prevent similar attacks in future.

This should not in any way make you think Linux is less secure. The Ubuntu Forums are a website, and the hack was possible because of a third-party application. Linux, Ubuntu and other Linux distributions are perfectly safe to use and offer the best security.
