Breachforums官方回应

原文内容：

Hello everyone,

We would like to provide an update on recent events over the past two weeks. In or around April 15, we received confirm ation of information

that we had been suspecting since day 1 - a IlyBB Oday. This confirmation came through trusted contacts that we are in touch with, which revealed that our forum (breachforuns. st) is subject to infiltration by various agencies and other global law enforcement bodies.

Upon learning of this, we inmediately took action by shutting dowm our infrastructure and initiating our incident response procedures. Ou findings indicate that, fortunately, our infrastructure were NOT compromi sed, and no data was infiltrated. Subsequently, we began auditing t MyBB source code and we believe we have identified the PHP exploit.

We would like to sincerely apologize to the counity and our staff for the lack of comunication and transparency during this time. As you can appreciate, given the nature of our work, our priority had to be securing the safety of our infrastructure, staff, and the community above all else. Now that our incident response is complete, we are actively working on a complete rewrite of the forum backend.

Finally, we would like to address the growing nunber of BreachForums clones and the various rumors circulating about us and our

administrators. We want to reassure everyone that no menmbers of our team have been arrested, and as previously mentioned, our infrastructu

remains secure. We strongly advise against engaging with these BreachF orums clones, as they are likely honeypots and carnot be trusted. Pleas

exercise caution and be discerning in whom you trust and which services you use.Thank you for your understanding and continued support.

Best regards

BreachForums Administration

翻译：

大家好，

我们想提供过去两周的最新情况。大约在 4 月 15 日，我们从一开始就怀疑的信息得到了证实——一个 IlyBB 零日漏洞。这一确认信息来自我们一直联系的值得信赖的渠道，他们透露我们的论坛（breachforuns. st）受到各种机构和其他全球执法部门的渗透。

得知这一情况后，我们立即采取行动，关闭基础设施，启动事件响应程序。我们的调查表明，幸运的是，我们的基础设施未被攻破，没有数据被渗透。随后，我们开始审计 MyBB 源代码，我们相信已经找到了 PHP 漏洞。

我们想真诚地向社区和我们的员工为这段时间缺乏沟通和透明度道歉。考虑到我们工作的性质，我们的首要任务必须是确保基础设施、员工和社区的安全。现在事件响应已完成，我们正积极进行论坛后端的全面重写。

最后，我们想解决越来越多的 BreachForums 复制品以及关于我们的各种谣言。我们想提醒大家，我们团队没有成员被捕，如前所述，我们的基础设施仍然安全。我们强烈建议不要参与这些 BreachF orums 复制品，因为它们很可能是陷阱，不能被信任。请大家谨慎行事，谨慎选择信任的对象和服务。