1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tapatalk says add-on exploit discloses emails and passwords - but which??

Discussion in 'Resource and Add-on Discussions' started by Mouth, Dec 14, 2014.

  1. Mouth

    Mouth Well-Known Member

    Does anyone know which add-on? Has this been disclosed to XF?
  2. Mouth

    Mouth Well-Known Member

  3. Mouth

    Mouth Well-Known Member

    Hopefully XF will fully inform us ??
  4. arn

    arn Active Member

    ya, no news yet. but am paying attention to it myself too.
  5. RobinHood

    RobinHood Well-Known Member

  6. Jim Boy

    Jim Boy Well-Known Member

    My money is on a badly composed bespoke add-on, I think it would have been reported here first if that wasn't the case
  7. Brogan

    Brogan XenForo Moderator Staff Member

    We know nothing about it.
  8. MattW

    MattW Well-Known Member

  9. Brogan

    Brogan XenForo Moderator Staff Member

    Liam W, Amaury, MattW and 2 others like this.
  10. Chris D

    Chris D XenForo Developer Staff Member

    Sounds like they ought to get their facts right before pointing fingers in the future!
    Liam W, 1im, Daniel Hood and 8 others like this.
  11. rainmotorsports

    rainmotorsports Well-Known Member

    Quadruple post!

    Well they blamed an add-on from the start. Was it just WP or was it a bridge plugin causing the actual vulnerability? Sounds like they did point the finger wrong but eh.
  12. Ingenious

    Ingenious Well-Known Member

    This is a terrible email - I got it too - it is worded to quite clearly blame a forum plugin, so when I went and found their forum runs Xenforo, like every Xenforo owner, I panicked. Now they are saying it has nothing to do with Xenforo. Also their email contained a link to the TT client area. When I clicked it, I was already logged in. How is that possible, if they reset the passwords (and I have not logged in for some time either, so I hope the email link was not a direct route to my private area!)? It also took my old password when I reset it. I'd post this on the TT support forum, but I'm scared to log in there now, in case "they" are watching me and stealing my precious bodily fluids.
  13. Floyd R Turbo

    Floyd R Turbo Well-Known Member

    Agreed. The first thing I thought was that the add-on was hacked, meaning, all of my forum users info was hacked. Thankfully this was not the case, it turned out only to be users of the Tapatalk XF support forum, and then, only users who had manually logged in since the 12/10. Unfortunately, I was one of those as I needed to do so after a username change - and I might note, after I did this, the app on my iOS acted very strangely, I changed my username and it kept wanting to change it back, kept logging me in to my account then erroring out and saying that I had to log in again (in which case it had switche dme back to my old login username)...wondering if that is related at all.
  14. MattW

    MattW Well-Known Member

    Unfortunately, we are going to have to take their word on what was accessed and stolen.

    They have said data was being streamed back to a server in Sweden. This being the case, they could have been streaming anything back to it they wanted.

    The forum being breached is the best case admittance given what their app does.

    After seeing how they have operated over the years, and how the keep introducing more and more bugs into their own app, this is the final straw for me. I reinstalled it for the few members who wanted it. It's gone for good now.
  15. Andy.N

    Andy.N Well-Known Member

    I have uninstalled years ago.
    D.O.A. and SneakyDave like this.
  16. Amaury

    Amaury Well-Known Member

    We never bothered installing it as we saw no need for it, and we certainly don't plan on installing it in the future.
    D.O.A. and x3sphere like this.
  17. Snog

    Snog Well-Known Member

    I'd like to thank TapaTalk for exposing an email address that has never had a single spam email in it's history. I'll just bet that changes now. :mad:
  18. Mouth

    Mouth Well-Known Member

    paul@tapatalk and x3sphere like this.
  19. Jim Boy

    Jim Boy Well-Known Member

    Whilst it is a WP issue, it is a timely reminder for any forum owner that add-on code has the potential to compromise a forum, either through poor coding or something more nefarious.
    sgray and thedude like this.
  20. WoodiE

    WoodiE Well-Known Member

    Which begs the question, why would the hacker(s) stop at just the support forum? How do we know they haven't modified other code or other exploits and have gathered personal forum admin information such as name, address, business tax id / SSN for those admins that have monetization enabled via tapatalk?

    This entire process has been a cluster fluff from the start. An email telling users to reset their password with the links pointing to the Tapatalk Admin CP, then stating the Admin CP wasn't hacked but only the support forums. Stating old passwords have been de-activated when in fact old passwords still worked fine. Blaming a XF addon then reporting it wasn't XF but instead Wordpress or some addon for WP.

    For me, I get the feeling they have no idea what has or hasn't been compromised nor how said hacker did their deed.
    Mouth likes this.

Share This Page