[Full-Disclosure] Suspect phpBB users

Jack Yan jack.yan at jyanet.com
Sat Dec 25 23:54:17 GMT 2004


Dear Full-Disclosure members:

I am not a computer expert, just a regular Joe who hopes this information 
may be useful to you.
    We are running phpBB and last week, a DoS attack was launched against us.
    We have since upgraded, but among our new users over the last few days 
have been a Weber361, a Weber395, and a nderevyanko.
    Googling the last user name, I've found 4,900 references—most with 
guestbooks or forums—to which nderevyanko has signed up. He has been 
preceded by a few Webers, and some Irenas, often citing that 
killhim.boom.ru is their home page.
    I have heard that there is a phpBB worm doing the rounds over the 
holidays, and wonder if this is related in some way.
    My hosting company recommended this list and I hope members, being far 
better versed on these matters than me, can get word out.
    Other than the frequency with which the Webers and nderevyanko have 
signed up to thousands of sites over the last few days, I've no proof that 
they are malicious—but since the DoS attack I am on alert.
    I hope this information is useful and that this has been a post that's 
considered on-topic.

Yours sincerely,

Jack Yan, LL B, BCA (Hons.), MCA <http://jackyan.com>
CEO, Jack Yan & Associates <http://jya.net/>
CEO, Lucire LLC <http://www.lucire.net>

Lucire, the global fashion magazine: <http://www.lucire.com>
Visit Beyond Branding, <http://www.beyond-branding.com>—in its second printing

----------

Full-Disclosure is hosted and sponsored by Secunia.