A botnet has been detected utilizing the recently disclosed vBulletin exploit to secure vulnerable servers so that they cannot be used by other attackers. This allows the botnet to grow their army of compromised servers without fear that other attackers will use the same server. The original vulnerability let’s any attacker execute a command on the server. It is not known for sure what the attackers plan on using the compromised servers for, but Mursch feels that it’s to further grow their botnet for conducting other attacks.
Source: https://www.bleepingcomputer.com/news/security/botnet-uses-recent-vbulletin-exploit-to-block-other-hackers/