Today I happened to look at the phpBB forum home page and, instead of the usual page, saw a notice that politically motivated hackers had broken into it. The notice does say that these hackers did so by exploiting a bug not in the phpBB forum itself but in some other program. As we recall, at the end of last year several thousand sites that used this forum suffered because of a phpBB bug. The notice also mentions that the phpBB site was not the only victim. Other popular sites have been broken into as well. This suggests that a 0-day exploit has come into these hackers' hands and that more sites may be hit soon.
The notice on the [url=http://www.phpbb.com]phpBB[/url] home page:
[q]At present www.phpbb.com is offline due to a group of politically motivated hackers wishing to use an opensource project to push their agenda … shame on them.
I will take this opportunity to note that given currently available information this hacking episode does not appear to be due to phpBB itself. Instead a third party application looks to have been the problem. Other sites were attacked at the same time as www.phpbb.com by the same group displaying the same information and in these cases the same third party application has been suggested as the common factor (thus far). Equally we are not aware of any other phpBB boards being attacked and we have not been notified of any valid security issues recently. Obviously we will have more details when we’ve reviewed just what happened.
We are working to recover the server. At best we may be back online Tuesday 8th February but more likely later that week. Meanwhile users can visit our development board, area51.phpbb.com where they can receive support for phpBB 2.0.x. Of course you can also view the next version of phpBB, 3.0 “Olympus” in the process (minus the new style of course!)
We are also maintaining our IRC support channel, #phpbb on the irc.freenode.net network
We apologise for any problems this may cause our userbase. We obviously take the huge support our community gives phpBB very seriously. And we will do our best to return to “normal operations” just as soon as we can.
psoTFX – phpBB Group[/q]
[q]We have some possible further details of the events which led to the loss of www.phpbb.com. Though I have not spoken with them myself I have learnt through an intermediary the group that appears to have attacked phpbb.com did indeed use a vulnerability in awstats to gain entry to our server (note the singular use of server there, we don’t own a server cluster, just a server).[/q]