Yesturday afternoon, i woke up to find an email notifying me that someone had attempted to access my invision board installer. In addition to that, there was a new registration on my forum.
The ip address of the attacker was 18.104.22.168 user agent was Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050420 Debian/1.7.7-2 .
New account was registered to [email protected] . I did some googling and wasn't able to find an irc channel. I did find a number of websites had been defaced by this group, and a number of exploits had been discovered / written by this group.