Announcement: Zero-Day InstaKilla Attack ---> vBulletin Forum Software, September 2019

On 24th September a vBulletin exploit was publicly disclosed, TKNZ and thousands of other forums use this software, the now well publicised hack gives the hacker 'full root access' and effectively deletes all website data, replacing it with a ransom demand.

TKNZ was attacked, in a couple of days brought down, and by yesterday morning all that was left was this page, basically a ransom note:

Click image for larger version  Name:	zdattack.2.jpg Views:	3 Size:	106.4 KB ID:	52819

Our tech team at Wellington Websites got on top of the problem working actively to minimise the predation and later on vBulletin publicly released a patch for the exploit. 24 hours later the site is up and running again but data from the last 4 days is lost since the most recent full backup was 22nd September.

Uploading the entire 10GB+ of forum data and the subsequent total site restoration took many many hours of tireless work and ultimately we had to pay an outside specialist to complete this mornings final database restoration.

FWIW: It is seriously 'big business', this skullduggery, see below the following 'fee structure', i.e. what an 'acquisition platform for premium zero day exploits' will pay developers of these malicious and destructive 'tools', in order to create chaos and hold people to ransom

'Zerodium is the 'world-leading acquisition platform for premium zero-days exploits and advanced cybersecurity research. We pay BIG bounties, not bug bounties!' - Zerodium

Click image for larger version  Name:	zdattack.png Views:	0 Size:	595.3 KB ID:	52822

TKNZ greatly appreciates members various offers of assistance and is particularly grateful for the large volume of technical work by our Web Master (Michael) from Wellington Websites.