So on June 9th, 2015, user Cloudworxz posted about a weird forum he found. He said he found a forum of bots that posted sketchy downloads, but they only used the usernames of BLF users. Most people didn't believe him, until a link was posted. The forums investigated the site, apparantly hosted on a legitimate phone-book website, but by the morning it had dissapeared.
More of these sites appear if you Google very specific BLF usernames, or if you reverse image search images from these forums. Let's compile them, and figure out what is going on. If you post any links, please put spaces around all periods in the URL.
These forums are all hosted on legitimate websites. Were they hacked? Are they renting spare server space? Why do they BLF users on them?
Warning: The sites are full of bots. They most likely post adware or perhaps even malware. Be very careful if you visit.www . getchip . net/log/ (active, Russian)
http:// persephonebooks . co . uk/log/index . php (deleted, British)
http:// urngp . ru/log/index . php (active, Russian)
http:// mugibijin . co . jp/log/ (active, Japanese
http:// exhibitionswales . co . uk/log/ (active, British)
http:// c2property . com . au/log/index . php# (This one is weird... it's just one thread?)
http:// 4officestore . ro/log/ - (active - Romanian)
Apparantly each of these sites has it's own (real) forum. Each of them forums use Apache. The trojans hosted on the sites all link to the some place. One person or group prowled the BLF for usernames and is now exploiting a glitch in Apache to host malware on legit sites.
The mystery continues! Let's figure this out, BLF!
Confirmed User Bots: (post users you see below)
Waru
Mr. Nobody
Idle
Pie Crust
Kimon
Brickmaster
Dreams of Cheese
XR-7
Freek
Rigel
Lugnut
Barnabas Dargerelden (merged into one user)
Valkerone
Zombidude
stufflord
Refticus
Reinforcements
Ravencroft
Satan From Wreck-It-Ralph
Sentry
Jairo (he's an admin)
Casanova
LeetZero
Mr. Man Electrk (merged into one user)