Server wide exploit attempted

Someone managed to execute a script on our server which replaced all instances of the file "viewtopic.php", the code that displays a post, with an older and insecure one.

This attack was not targeted at TalkaboutUSA specifically, but all PhpBB forums running on the server we share. I know this because some test forums I have, which aren't available or known to the public, had the viewtopic.php changed at the same time. Looks like the script simply search the disk for all instances of the file with that name.

We detected this attack within minutes of the attempt because we monitor all forum code for unauthorized changes. Once it was detected, I locked down our forum and reported the details to Dreamhost, who are investigating and securing the box.

Other than a few hours of downtime, I don't forsee any other inconvenience from this attack. Rest assured we will restore service as soon as we are able to so safely.

Thanks for your patience.

Security concerns

The site is off-line now due to some security concerns. I'm investigating, and hope to have service restored in a few hours.

Sorry for the bother.