phpBB Mass-hack being Prepared?

By | March 20, 2006

Over the last few days, a bot using the name FuntKlakow has been registering on at least hundreds (maybe thousands) of phpBB forums. The next time phpBB announces a critical vulnerability, the bot would have everything ready for attacking thousands of sites/forums.

The original posting on a German board:

“During the last few days a bot using the name FuntKlakow has been registering on at least hundreds (maybe thousands) of phpBB forums.

http://www.google.com/search?hl=com&q=FuntKlakow&btnG=Hae&meta=

The bot is also capable of posting to forums: http://forum.uebimiau.org/search.php?search_author=FuntKlakow

http://www.alternativ.ro/forum/search.php?search_author=FuntKlakow

But on most forums the bot keeps silent. OK, what is the danger? The next time phpBB announces a critical vulnerability, the bot would have everything ready (just a post click away) for attacking thousands of sites/forums.

The best defence against these kinds of bot-members might be setting up honeypot-forums, which the search engines can find but to which there are no permanent links from the web. When new bot-members are detected, they would be listed on each particular forum maker's homepage.

When a bot then tries to register on a forum, the forum program would check the user name entered by the user/bot (or other characteristics), and if those match the ones caught by the honeypot-forums, registering such user details would be eliminated (and the IP possibly banned for some time).”
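
One way to implement the registration check the post proposes, as an added Python example that is not part of the original post or phpBB's own code. The feed format, the `RegistrationGate` class, the 24-hour ban length and the sample IP addresses are assumptions made for illustration.

```python
import time
import unicodedata

# Constructed sample of the list a forum maker might publish from its
# honeypot forums (hypothetical format: one bot user name per line).
HONEYPOT_FEED = """\
# names seen registering on honeypot forums
FuntKlakow
"""

BAN_SECONDS = 24 * 3600  # assumed length of the temporary IP ban


def normalize(name):
    """Fold case, Unicode form and whitespace so trivial variants still match."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(folded.split())


def load_feed(text):
    """Parse the published list, skipping blank lines and '#' comments."""
    names = set()
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            names.add(normalize(line))
    return names


class RegistrationGate:
    def __init__(self, feed_text, ban_seconds=BAN_SECONDS, clock=time.time):
        self.bot_names = load_feed(feed_text)
        self.ban_seconds = ban_seconds
        self.clock = clock
        self.banned_until = {}  # ip -> expiry timestamp

    def check(self, username, ip):
        """Return (allowed, reason) for one registration attempt."""
        now = self.clock()
        expiry = self.banned_until.get(ip)
        if expiry is not None:
            if now < expiry:
                return False, "ip_banned"
            del self.banned_until[ip]  # ban has run out
        if normalize(username) in self.bot_names:
            self.banned_until[ip] = now + self.ban_seconds
            return False, "honeypot_match"
        return True, "ok"
```

Matching on the user name alone only stops a bot that reuses a listed name, which is why the post also mentions other characteristics; the same lookup can be keyed on any other field the honeypot forums record.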
