- More porn sneaks onto the iPhone
- 'Swatting' case shows need to ban caller-ID spoofing
- Why the iPhone can't be "killed"
- Nortel enterprise chief wants to bring back Bay
- US sets final emergency responder wireless pilot
The Free Software Foundation, sponsors of the GNU free software project, said Wednesday that a key server housing the group's Linux software was broken into by a malicious hacker.
The software, which the Free Software Foundation refers to as GNU/Linux is a variant of Linux that is available free on the Internet.
The intrusion, which took place in March, compromised an FTP server that housed software making up the core of the FSF's GNU/Linux operating system, according to Bradley Kuhn, executive director of the Free Software Foundation (FSF) in Boston.
Those files included the GNU C language library and compiler, as well as other software utilities, Kuhn said.
The intruder compromised the FSF server using a now-patched vulnerability in a Linux component called PTRACE.
That vulnerability, which could enable attackers to remotely compromise and take control of affected Linux systems, was disclosed in March. No patch for the vulnerability was available when the FSF server was compromised, Kuhn said.
After gaining control of the FSF server, the malicious hacker took steps to disguise the compromise, installed a trojan horse program giving him or her access to the machine and harvested passwords from user accounts on the server, Kuhn said.
The affected accounts belonged to so-called "maintainers," FSF volunteers who are charged with maintaining various components of the GNU software, he said.
Those people have been notified about the compromise, he said.
After learning of the compromise in late July, FSF staff took the server off-line and replaced it with a secure server. The organization also removed all GNU software from the compromised system.
Since it discovered the problem, the FSF has been methodically reviewing the integrity of thousands of files exposed by the break-in and returning them to their FTP server, Kuhn said.
FSF volunteers have checked the versions of the software from the compromised server with originals in possession of the maintainers as well as copies from backups done before the compromise, he said. As of Thursday, 80% or 90% of the original files have verified and reposted to the server.
The FSF feels confident that the malicious hacker was interested in obtaining passwords, not tampering with the GNU software, Kuhn said.
The Leader in Network Knowledge
Comment