Ubuntu logoThe company Canonical has published a report with details of the recent hacker attack on the Ubuntu forums, which resulted in the attackers took control of the credentials of the 1.8 million users.

“On July 14, 2013 the malefactor managed to get access to the account of one of the forum moderators. This was a moderator right to post on the forum announcements, which may contain HTML-code “, – the report says.

Swindler posted on the forum announcement with malicious JavaScript-insert, and then sent private messages to three forum administrators, reporting the alleged server’s error on the page of announcements. One of the administrators decided to check the announcements page, found nothing suspicious and said false moderator personal message. Subsequently, an attacker logged on as an administrator, having received full access to the ambiance of vBulletin. Continue reading