Hey all.
I'm saddened to tell you that there has been a hack on villavu, similar to the one on MITB. (https://www.moparisthebest.com/smf/i...514987.80.html). The attacker got in using the account of an admin (name doesn't matter), somehow also knew the password to the 2nd auth (HTTP auth, password may have been the same?) and got into the admin cp. Then changed the password of another admin that had access to the plugins section of VB, changed plugin code to something that resembles a minimalistic shell. I can only assume the worst and that he has indeed managed to dump (a part) of the database. The bandwidth logs would indicate something like this might have happened. The server itself seems to be safe - as the user only had access to the httpd account.
You must all fear for the worst. Check your PM's. If you ever sent a password over PM to anyone, make sure you change it. PM's are also part of the database. While this really sucks, in my defence I can only say there wasn't much to do to prevent this - social engineering and phishing just happens, I suppose.
This couldn't have come at a worse time as I am very busy trying to finish my bachelor thesis and I really don't have the time to install new forum software right now. However, it doesn't appear to be a problem with vBulletin - except for the idiots who work for them and decided you should be able to edit plugins (read: add php code) from the admincp.
It is very well possible the forum has been hacked due to an admin using the same password over at mopar's - or a previous forum that has been compromised. Let me say this just once more: Never, I repeat, NEVER use the same password across different sites.
Obviously we'll enforce a password change as well.