This is very nasty, indeed. Thanks for bringing this to attention!

The exploit was actually on the end of vbseo as their server was compromised. The remotely-hosted version checker was able to inject code as a vBulletin plugin and from there, pretty much given free reign over a vBulletin-powered board.

Lots of questions and until now, not enough answers.

After reading this, I did a search for a popular forum I know and sure enough, as a Google referral, I was redirected to a scammy affiliate site.

Thanks for the explanation of how the exploit works. Be careful visiting one of the infected vBulletin sites, some of them are handing out nasty trojans that are difficult to remove.

The VBSEO exploit just took another turn. Some forum owners have updated their sites after being hit by the first wave of this VBulletin hack but kept VBSEO, along with the apparent vulnerabilities. Now there is a second wave of hackings exploiting the hole and obtaining admin access, inspiring this thread on the vbulletins forum [vbulletin.com].

It's a mess. I saw one site where the entire site redirects to another website. I did some searching and found a forum that had at least one member's entire five year posting history replaced by links to a specific site. Really nasty stuff.

Stuff like this is one of the biggest reasons why WebmasterWorld should never move to VB, PHPbb or others of similar ilk.

Stuff like this is one of the biggest reasons why WebmasterWorld should never move to VB, PHPbb or others of similar ilk

i think this is true of all widely distributed CMS, Forums, Carts etc. they are all targets of hackers looking for exploits.

OT ... that would never happen, building this from the ground up was BT's passion!

vBulletin itself is very safe. Most issues are caused by 3rd party add-ons.
So I would prefer WebmasterWorld moving to vB it's way more user friendly than the current software.