ZoneAlarm forum site hack exposed data of thousands of users

This is a really embarrassing incident: the ZoneAlarm forum site has suffered a data breach exposing the data of its discussion forum users.

ZoneAlarm, the popular security software firm owned by Check Point Technologies, has suffered a data breach. According to the post published by The Hacker News, the security breach exposed the data of ZoneAlarm discussion forum users.

The ZoneAlarm suite includes antivirus software and firewall solutions for end users and small organizations, and it has nearly 100 million downloads.

“Though neither ZoneAlarm or its parent company Check Point has yet publicly disclosed the security incident, the company quietly sent an alert via email to all affected users over this weekend, The Hacker News learned,” reads the post published by The Hacker News.

The company sent a data breach notification email to forum users urging them to change their forum account passwords. At the time of writing, it is unclear when the attackers compromised the ZoneAlarm forum. The message revealed that attackers gained unauthorized access to forum members' data, including names, email addresses, hashed passwords, and dates of birth.

The good news is that the number of affected members is not so great: the incident only impacted the “” domain, which has roughly 4,500 subscribers.

“This is a separate website from any other website we have and used only by a small number of subscribers who registered to this specific forum,” reads the data breach notification message. “The website became inactive in order to fix the problem and will resume as soon as it is fixed. You will be requested to reset your password once joining the forum.”

The incident is embarrassing because it was caused by the lack of patch management for the impacted forum. A company spokesperson told The Hacker News that attackers exploited the CVE-2019-16759 remote code execution vulnerability in the vBulletin forum software.

In September, an anonymous hacker disclosed technical details and proof-of-concept exploit code for a critical zero-day remote code execution flaw in vBulletin. The issue could be exploited remotely by an unauthenticated attacker. The PoC exploit published by the hacker works on vBulletin versions from 5.0.0 through the latest 5.5.4, and the ZoneAlarm forum was running version 5.4.4.

The zero-day flaw resides in the way an internal widget file of the forum software package accepts configurations via URL parameters. The expert discovered that the package fails to validate these parameters, so an attacker could exploit the flaw to inject commands and remotely execute code on a vulnerable install.

Another security firm suffered a data breach due to the CVE-2019-16759 remote code execution vulnerability. In October, hackers breached the ITarian Forum, the Comodo discussion board and support forum, accessing login credentials of nearly 245,000 users registered with the Comodo Forums websites.

ZoneAlarm immediately launched an investigation into the incident and took down the forum website.

Pierluigi Paganini
