Read

Someone named "FuntKlakow" have been registering on thousands and thousands of forums in one day. I have no idea what this might be, but according to some it might be something nasty. So I just want to warn you all about this.

Thanks for the heads up, Stefan100! We'll keep an eye out and take action if necessary.

Edit: This seems to be isolated only to phpBB forums and not IPB so we should be safe. There haven't been any recent members here with that IP either.

- Zombie

The information I found here suggests that the person behind this setting himself up to do something very nasty to phpBB forums next time a security flaw is discovered.

EDIT: FuntKlakow does sometimes post on forums, and his signatures advertise the sort of services one associates with junk email, so I suspect that its creator is spamming forums as an alternative to sending out junk email.

His posts have pretty much the same structure and are clearly automatically generated: example.

Incidentally, in the example I found, the person called Cepelin is clearly an alias of FuntKlakow. There also appears to be two FuntKlakows as the signatures are different.

OK I searched this Cepelin with google, and guess what? Almost as many findings as with FuntKlakow... Guess this hacker have several bots.

And it just struck me, that if this hacker have several bots, some might be able to register on other forums than just phpBB ones.

As I said before, that user only seems interested in taking advantage of the flaws in phpBB forums. He/it could register at an IPB forum, but intricate knowledge of that particular software would be needed to abuse those faults.

As far as I can tell, there can only be one member with the same username in a phpBB forum. See here (search by username and ascending order). Its just that signatures in posts are probably not updated when the user changes the sig.

It is only speculation what the intentions of this bot are. Exploiting vulnerabilities in phpBB forum software may be one. Using those forums as a way to spam via a signature seems to be the primary focus at this point.

This being said, the IP is known so any attempt by this bot to register here will be quickly acted upon.

- Zombie

It seems bots are quite adept at posting on boards if guest posting is allowed. It's relatively unusual for them to register.

The thing that confuses me is, why register on all the boards unless he's planning on doing something to them NOW? If he just leaves all those registrations out there, that's plenty of time for admins to cotton on, and by the time he's got a flaw to exploit his IP will be blocked all around the web.

My guess is that he's setting up a spam network, or just looking for boards where the mods aren't paying attention.