Cybersecurity Company Check Point’s ZoneAlarm Forum Hacked – Attackers Exploited Patched vBulletin 0-Day Flaw

ZoneAlarm forums have been breached, more than 5k users’ details record has been exposed. The details include customers with personal information and IP address.

The ZoneAlarm is an internet security company that offers antivirus and firewall products, the company was acquired by Check Point in March 2004.

ZoneAlarm Forum Hacked

The forum was hacked using patched vBulletin 0-Day vulnerability(CVE-2019-16759) that reported on September 24, 2019. The vBulletin is one of the most popular and widely used forum software which is written in PHP.

VBulletin fixed the vulnerability in two days, on September 26, 2019, the company released patches, it affects versions from 5.0.0 till 5.5.4.

vBulletin is a forum software package based on MySQL and PHP, like other CMS this package used to build Internet forums.

The vulnerability can be exploited by the attacker sending a specially crafted HTTP POST request to execute the arbitrary code in the targeted forum.

This incident occurred due to the lack of patch management. It is a surprise that a leading security company itself running an outdated version of the forum software.

According to the breach report, the file containing 5175 unique records allegedly belonging to ZoneAlarm was found today in public forums.

The exposed data includes hashed passwords, birth dates, and IPs of ZoneAlarm forum users. The company confirms that around 4,500 subscribers with website “” were affected by the incident.

At the time of writing the website is not active and the company working on it to fix the issue. Users of the forum are recommended to reset the login credentials.

This is not the first time hackers using vBulletin 0-Day to hack forums, earlier another Cybersecurity firm Comodo Security Solutions forum has been hacked using the same exploit.

You can follow us on LinkedinTwitterFacebook for daily Cyber Security and hacking news updates.


Gurubaran is a Security Consultant, Security Editor & Co-Founder of Cyber Security News & GBHackers On Security.

Recent Posts

GoTitan Botnet Actively Exploiting Apache ActiveMQ Vulnerability

Attackers are exploiting the recently discovered critical security vulnerability tracked as (CVE-2023-46604) affecting Apache ActiveMQ…

16 hours ago

Cybercriminals are Showing Hesitation to Utilize AI When Executing Cyber Attacks

Media reports highlight the sale of LLMs like WormGPT and FraudGPT on underground forums. Fears…

17 hours ago

Vigil: Open-source Security Scanner for LLM Models Like ChatGPT

An open-source security scanner, developed by Git Hub user Adam Swanda, was released to explore…

17 hours ago

Slovenia’s Biggest Power Provider has Suffered a Cyberattack

One of Slovenia's major power providers, HSE, has recently fallen victim to a significant cyberattack.…

18 hours ago

Genesis Market Technique: Hackers Exploited Node.js and EV Certificates

In the labyrinthine landscape of cyber threats, the Trend Micro Managed XDR team has uncovered…

20 hours ago

Design Flaw in Domain-Wide Delegation Could Leave Google Workspace Vulnerable to Takeover – Hunters

BOSTON, MASS. and TEL AVIV, ISRAEL, November 28, 2023 - A severe design flaw in…

2 days ago