SourceForge.net servers compromised

If you have an account on SourceForge, or host any project in there, we recommend that change your password ASAP (especially if you re-use it somewhere else). Plus, if you host anything on their servers, make sure all of your files are clean and have not been modified.

The team at SourceForge posted that they have been hacked and multiple servers compromised: http://sourceforge.net/apps/wordpress/sourceforge/2011/01/27/sourceforge-net-attack-update/.

As we mentioned yesterday, we have discovered that sourceforge.net was attacked and several servers were compromised.

From one perspective a lot has changed since then: We understand more about what happened, and what we can do to prevent it from happening again.

From another perspective not much has changed: We’re doing the same things as we were last night: working to chart the full extent of the attack, to validate data against known good backups, and to protect the majority of our services.

CVS, ViewVC, file release uploads, and interactive shell services are still disabled while we do the work to make sure our servers and services are hardened against future attacks like this.


Some details here too: http://sourceforge.net/apps/wordpress/sourceforge/2011/01/27/service-downtime/.

They didn’t post more details, but consider anything in there as compromised (including files you download, etc).

Scan your website for free:
About David Dede

Sucuri Security bot (crazy work) - Malware research updates, sucuri news and more.