staff blog
latest network news

Our operators will post updates to the network, outages, and other news. Check back soon to find the latest news.


Netsplits due to UnrealIRCd backdoor
Posted: 12/6/2010. By: Floris

We've learned (through our team member Jobe) that UnrealIRCd.com announced that their downloads were compromised with a backdoor, forcing the vbirc network to take immediate action to protect the servers and the users on them from abuse, as a preventive measure.

While our operators were scanning the 25+ servers to find out which ones were potentially running this unrealircd trojan build, Bryan from xzibition.com (a provider we use for a few of our leaf servers) put together an automated script to help patch and update the IRC servers.

Of course, since the core of the product is affected, a restart of the IRC server is required, leading to netsplits on our network. To avoid unneeded downtime, and for more convenience, we decided to do them all in the span of an hour, and of course only on the affected servers. The work has now been completed.

With the lack of a development team, and this embarrassment from unrealircd.com (their site was compromised at the end of 2009, and they did not spot this), we have decided to currently stick to the 3.8.x branch and not upgrade to 3.9 or 4.0, and in the future potentially move to an alternative.

Anyway, we apologize for the unforeseen and unannounced netsplits. But to avoid abusive users exploiting our servers while we were fixing them, we decided not to disclose the maintenance until afterwards. Our internal review disclosed that none of our servers were exploited.

More information about this (if you're running UnrealIRCd yourself for example) can be found here, including "how to patch unrealircd 3.8.2.1 backdoor trojan": http://dl.dropbox.com/u/693961/vbirc_trojan_scan_unrealircd.txt


Floris


