Downtime for and Server Compromise

Today we made a routine visit to visit the PHPBB site to check out for any new bulletin board styles to download, and were surprised to see a message reporting that they have been attacked and the site is down. This is attributed to a 0-day-exploit in their PHPList installation.

For those new to the term, a zero-day (or zero-hour) attack or threat is a computer threat that tries to exploit unknown, undisclosed or patch-free computer application vulnerabilities. The attacker gained entry through the PHPList application and was able to dump a complete backup of the emails on file. He then used the same exploit to access the database. Both the email list from PHPlist and a copy of the users table were then posted publicly. According to the information on the Area51 site this is down to vulnerability in phpBB2, which uses an md5 algorithm to store passwords. This is not considered to be a problem in phpBB3 which uses a more complex hashing algorithm.

Regretfully this attack means that will remain unavailable while they work to recover the situation. For more information about the vulnerability and exploitation visit Area51 @