Ubuntu Forums Is Back Up


Nathan Osman
published July 30, 2013, 11:42 a.m.


As of about an hour ago, Ubuntu Forums is once again available to the general public. It has been down since the Saturday before last after a hacker managed to use a compromised forum administrator's account to deface the website.

One important thing to note: you can only log in via Ubuntu SSO (Single Sign-On) at the moment. If you had a forums account but don't currently have an Ubuntu SSO account, register for one here and then set your preferred email address to the one you used in your forums account.


Update

And now that the forums are back up, Canonical has posted some more details about what exactly happened. In summary:

  • the attacker compromised a moderator's account and posted some maliciously crafted HTML in an announcement
  • the attacker convinced a forum administrator to view a page containing the announcement and was able to obtain the administrator's session cookie
  • at that point the attacker was able to inject raw PHP into forum pages and dump the contents of the database
  • the attacker then uploaded the defacement page
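
The summary above describes crafted HTML in an announcement leading to a stolen administrator session cookie. As an added illustration (not code from Ubuntu Forums, Canonical or the forum software), the Python example below shows two server-side controls that address those steps: allow-list sanitising of announcement markup, and a session cookie marked HttpOnly. The tag allow-list, the cookie name and the sample input used to exercise it are assumptions constructed for the example.

```python
import html
from html.parser import HTMLParser
from http.cookies import SimpleCookie

# Assumed policy for announcements: a few formatting tags, links only over http(s).
ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "ul", "ol", "li", "a"}
ALLOWED_ATTRS = {"a": {"href"}}
SAFE_SCHEMES = ("http://", "https://")
RAW_TEXT = {"script", "style"}  # content is dropped, not just the tags

class AnnouncementSanitizer(HTMLParser):
    """Re-emits only allow-listed markup; all text is HTML-escaped."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skipping = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in RAW_TEXT:
            self.skipping += 1
        if self.skipping or tag not in ALLOWED_TAGS:
            return
        kept = ""
        for name, value in attrs:  # drops on* handlers, style, javascript: URLs
            ok = name in ALLOWED_ATTRS.get(tag, ()) and value
            if ok and value.strip().lower().startswith(SAFE_SCHEMES):
                kept += f' {name}="{html.escape(value.strip(), quote=True)}"'
        self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in RAW_TEXT:
            self.skipping = max(0, self.skipping - 1)
        elif not self.skipping and tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skipping:
            self.out.append(html.escape(data))

def sanitize_announcement(markup):
    parser = AnnouncementSanitizer()
    parser.feed(markup)
    parser.close()
    return "".join(parser.out)

def session_cookie_header(session_id):
    """Set-Cookie value with HttpOnly, so page script cannot read the session id."""
    cookie = SimpleCookie()
    cookie["session"] = session_id  # cookie name is an assumption
    cookie["session"].update({"httponly": True, "secure": True, "samesite": "Strict"})
    return cookie["session"].OutputString()
```

In production a maintained sanitising library is preferable to a hand-written parser; the point here is the allow-list approach combined with a cookie that injected script cannot read.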