Comodo is considered as the giant of cybersecurity, they bill themselves as the global leader in cybersecurity solutions. But recently even the website of Comodo has been hacked.
The admission came up when a forum was posted, and this confirmed that a hacker has exploited their recent disclosed vulnerability in the vBulletin. vBulletin is a popular forum software technology which is widely used by the cybersecurity giant Comodo. The fault allows the hacker to run a malicious code remotely on a susceptible forum, which needs little skill to manipulate. Due to this situation, the manipulation was used to destroy the database of a whole person.
The manipulation code which was used to exploit the cybersecurity giant, was released on 23nd September. Two days after this incident, vBulletin issued the patches for the software.
Interestingly, Comodo claimed in their disclosure that the security of them is very strict and they it very seriously. It was the highest priority of Comodo to make their website safe from the hackers. Though they claimed it in their disclosure, they didn’t immediately path their forum software and after four days, when they released their patches, hackers hacked the forum.
Cybersecurity giant later revealed that the hackers stole their usernames, email addresses, names and the last IP address of the users which was used to get into their forum. In addition to these things, several social media handles were stolen too in that breach. Comodo also revealed that the number of registered forum users which where stolen was around 245,000. Based on the record and hacking history, this is not the most ruinous attack, but it is a wounded lapse of the security for a company like Comodo. This wounded lapse claims to be half-decent at this thing. This is the 2nd security snafu of Comodo in this year and the previous one destructively exposed the passwords which allowed security researcher to get into the company’s intranet and even got accessed to the internal files as well as the documents.