Noticed that Tuba and Marley are both listed as Moderators now, rather than Administrators. Is that change due to the hacking? What does it mean from a board operations standpoint, if anything? Do the permissions/access change with the title?
Sorry if I’m treading on sensitive ground. Feel free to tell me to shove it… I really don’t care so much about the “why” but more curious about what effect that has on how things work.
In 20-20 hindsight, if the admins had access to the database they probably should have accessed the board (as admins) via a Live-CD. Yes this is a moderate hassle. Banking on a Live CD – Krebs on Security
No, I’m not making any claims about how the hacking took place. I have no idea.
What’s strange about this is that admins don’t have database access by default in vBulletin – you have to manually enable it by editing a configuration file and putting the user ids of any users you want to have that extra access, something I highly doubt the SDMB did. And even if they had, the correct solution would be remove that access, not to remove the admins from the admin user group.
I find the lack of any kind of official response in this thread interesting.
I don’t know much about how hacks like this occur, but is it possible someone at the admin level got breached first through some kind of phishing, giving the hackers access to the entire database? Just weird that they’d revoke admin rights for everybody that had them, or nearly everybody anyway. I’m sure it’s only temporary while they suss out what happened, but it’s still very curious.
Maybe the hackers got Admin control and demoted anyone who could foil their nefarious scheme? That would explain both the new titles and the fact that TPTB aren’t saying shit about it.