The registration form has a username validation function. it seems this can be abused by attackers to find out what accounts are present on the site. The attacker can run a script to try millions of possible usernames to get a member list. I have recently encountered such attack on my vbulletin...
I'm not sure which it is, spammed to death, or hacked to death. I need help from experienced users who can guide me what to do next.
I just disabled the board, so what should I do next?