Railworks America

It looks like the Russians have arrived.

yup

What!!! Where did it the hackers are come from?

Is there a fix for this invasion?

Possibly, but we are using an old version of the forum software and the most logical move would be to update.
But this would cause other problems, and I don't have the time and skills.

The Russians have retreated.
Who you host with should provide an anti bot functionality.

Chacal and I have both been asking about someone with the skills to dig into some of this possible updating and upgrading but so far no one has raised their hand. The search continues. Kudos to Chacal for figuring out how to get rid of all the junk. I got rid of the bad actors and the posts but was having trouble eliminating the ghost topics left behind. He figured that out.

I did a little investigating. I translated some of the Russian topics that were spammed to the sections and found commonalities between them. They pointed towards a particular type of Russian ransomware that is used to pressure website owners to pay up.

But the interesting thing was that this particular ransomware seemed to be an older one. Because the discussions about it on the web were in the 2018-2020 era. I didn’t see any newer mentions of it. This leads me to believe that anti-virus software released a defense to it. Maybe your forum software needs a more modern update to defend against it …or… it was just a spam mention of a particular type of ransomware, but it was never actually used here. Just throwing a theory out there.

Thanks anyway for the detective work.