UPDATED 12:22 EDT / NOVEMBER 21 2012

NEWS

Hackers Intrude Into FreeBSD Servers with SSH Key Breach

An intrusion was recently detected into two machines in the FreeBSD infrastructure; and the attack was facilitated with the help of a stolen SSH authentication key and login credentials. Following this, the affected machines were taken offline for further analysis, and to understand the extent of damage. Here’s what FreeBSD reported on its website about the intrusion,

On Sunday 11 of November, an intrusion was detected on two machines within the FreeBSD.org cluster. The affected machines were taken offline for analysis. Additionally, a large portion of the remaining infrastructure machines were also taken offline as a precaution.

We have found no evidence of any modifications that would put any end user at risk. However, we do urge all users to read the report available at http://www.freebsd.org/news/2012-compromise.html and decide on any required actions themselves. We will continue to update that page as further information becomes known. We do not currently believe users have been affected given current forensic analysis, but we will provide updated information if this changes.

While none of the base repositories were hit by the attack, only servers hosting source code for third-party packages were exposed by the attack. Still, FreeBSD has warned its users to keep a check on third-party packages installed or updated between 19 September and 11 November.

But FreeBSD is not the only open source operating system that suffered a server intrusion, as we saw Linux servers too suffering a malware attack and server compromise last year. The Linux intruder managed to gain root access to a server known as Hera and “a number of servers in the kernel.org infrastructure were compromised” according to a notice posted on Kernel.org. This resulted in taking down of kernel.org for more than a month.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU