There is a report Malwarebytes forum may have been compromised ? But I guess they are completely overworked I am getting: Service Unavailable The service is temporarily unavailable. Please try again later. at their website: http://forums.malwarebytes.org/index.php rrrh1
I was offline yesterday but was working this morning, I cannot access it right now either, must be more problems.
[WARNING: ANGRY DRUNKEN RESPONSE AHEAD] Yup the forum was compromised and they issued a password reset for all members before they could login. Currently offline again (who can say why) but they may just be upgrading it :O hah. Yes it seems silly that security product vendors don't use their own forum setups instead relying on 'easy' 3rd party setups but sadly it is also commonplace. You'd think some would learn a lesson and move onto their own setup instead but even vendors I trust (eg eset) continue to use the same forum software after it's been breached more than once. /begin rant Don't get me wrong, I like Malwarebytes, I love MBAE....but twas still silly and it will eventually happen again..... using a vulnerable forum software over and over is like using a bad AV over and over, it's not likely to get any better suddenly so replace it already. Make your own if you must but eventually even those who love your software will lose faith if you can't secure your own forum. (NOT saying that is why it is offline atm.) On the other side of the coin, I can understand why they would want to use a 3rd party (specialized) forum vendor that will save time and money. I don't fault them by default for this. As can be seen everywhere however the more popular something is, the more it is likely to be targeted and vulnerabilities found and then exploited. So here again comes up "Windows" anyone? Yes it is highly targeted. Often breached, often updated and like a fool I continue to use it. User hypocrisy much? Perhaps.... It's just my noob opinion that security product vendors should do more to audit the products they use instead of trusting then raising hands claiming "it wasn't our fault." (NOT saying this is what happened in this case~just a generalized dislike of the commonplace responses these days.) /end rant Love you Malwarebytes! I don't blame you....yet! =)
Forum is working again, albeit everyone isnt happy https://forums.malwarebytes.org/index.php?/topic/161236-malwarebytesorg-comprimised/ So they trust IPB's server's more than their own?
I think as they are using the forum software either way they are actually correct, allowing the forum soft vendors to handle the hosting and patching is likely to close the gap between discovery and fixes and potentially mitigate further issues. If however MB forums are among the first targeted by some new exploit it may not help much... My last post came across much harsher than it should have but I just find the situation silly. I really should just learn not to post while drunk! /me slaps self.