Yesturday afternoon, i woke up to find an email notifying me that someone had attempted to access my invision board installer. In addition to that, there was a new registration on my forum.

The ip address of the attacker was user agent was Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050420 Debian/1.7.7-2 .

New account was registered to [email protected] . I did some googling and wasn't able to find an irc channel. I did find a number of websites had been defaced by this group, and a number of exploits had been discovered / written by this group.

Access log grep:

IP address is an open proxy.

Anybody know anything about this group?