12
The avast! forum remains offline since it was hacked on May 24, 2014. No word has yet been released as to the exact attack vector used to gain entry. Company representatives said the database of usernames, email addresses and hashed passwords for its almost 400,000 members was downloaded by the hackers.
The avast! forum was running on the SMF (Simple Machines Forum) software package. The avast! COO stated they were running version 2.0.6, though there was confusion over why their forum had an old copyright date notice in their footer, (i.e. SMF © 2012). There were no versions of SMF v2 using that date. A v2.0.6 SMF forum should have had a 2013 date for its copyright notice.
Early speculation by avast! staff was that there was an unannounced security fix in the latest version of the SMF, v2.0.7, which may have been used to hack their forum. The SMF support team denies any security fix was included in 2.0.7.
This forum was built deliberately to review the upgrade path, copyright notice dates, and code changes, occurring from a base install of SMF v2.0.3, and stepping through each patch/upgrade kit to 2.0.7. No 2012 copyright signature ever appeared throughout this process. Likewise, a code review performed here showed no security fixes occurred from 2.0.6 to 2.0.7. The changelog from the SMF website appears to be accurate.
avast! and the SMF team have said they are working together to review logs, and any other available data, in order to determine just what happened during the hack.
Recent Posts