First of all, let me be clear that No user data appears to have been put at risk as a result of this attack. If we learn otherwise, we will notify you.
Recently, many users have experienced intermittent errors involving a message like "Cannot modify header information." Aside from preventing users from using forums features because their request was interrupted, these errors seem to be harmless. However, they began happening at the same time that a piece of malware was installed on the server.
The malware in question is a known cryptocurrency miner, with the objective of using our host's CPU rather than try to find any user data on the server. However, the attack that installs the malware also seems to cause the instability that we have observed.
It appears to have been a random attack, not a targeted one.
We cleaned out the affected area and restarted the server, but the attack was repeated a few hours later. Then we cleaned and restarted it again, this time taking steps to prevent the reinstallation of the malware, but we do not know whether they will be effective in also preventing the instability. At this time, we are still investigating what vulnerability was exploited for the attack. Once we have identified that, we can close it off more decisively.
I ask for your continued patience with these intermittent errors until the issue is resolved.
Recently, many users have experienced intermittent errors involving a message like "Cannot modify header information." Aside from preventing users from using forums features because their request was interrupted, these errors seem to be harmless. However, they began happening at the same time that a piece of malware was installed on the server.
The malware in question is a known cryptocurrency miner, with the objective of using our host's CPU rather than try to find any user data on the server. However, the attack that installs the malware also seems to cause the instability that we have observed.
It appears to have been a random attack, not a targeted one.
We cleaned out the affected area and restarted the server, but the attack was repeated a few hours later. Then we cleaned and restarted it again, this time taking steps to prevent the reinstallation of the malware, but we do not know whether they will be effective in also preventing the instability. At this time, we are still investigating what vulnerability was exploited for the attack. Once we have identified that, we can close it off more decisively.
I ask for your continued patience with these intermittent errors until the issue is resolved.
Last edited: