SourceForge.net servers compromised

  • January 28, 2011

If you have an account on SourceForge, or host any project in there, we recommend that change your password ASAP (especially if you re-use it somewhere else). Plus, if you host anything on their servers, make sure all of your files are clean and have not been modified.

The team at SourceForge posted that they have been hacked and multiple servers compromised: http://sourceforge.net/apps/wordpress/sourceforge/2011/01/27/sourceforge-net-attack-update/.

As we mentioned yesterday, we have discovered that sourceforge.net was attacked and several servers were compromised.

From one perspective a lot has changed since then: We understand more about what happened, and what we can do to prevent it from happening again.

From another perspective not much has changed: We’re doing the same things as we were last night: working to chart the full extent of the attack, to validate data against known good backups, and to protect the majority of our services.

CVS, ViewVC, file release uploads, and interactive shell services are still disabled while we do the work to make sure our servers and services are hardened against future attacks like this.


Some details here too: http://sourceforge.net/apps/wordpress/sourceforge/2011/01/27/service-downtime/.

They didn’t post more details, but consider anything in there as compromised (including files you download, etc).

David is a Security Researcher at Sucuri. He spends most of his time dissecting vulnerabilities and security issues. You won't find him on Twitter because he is paranoid about privacy.

Related Tags
2 comments
  1. Pingback: Tweets that mention SourceForge.net servers compromised | Sucuri -- Topsy.com
  2. Pingback: Server SourceForge di Hack | Berita BSD

Comments are closed.

Related Categories
You May Also Like