Moving Forward After SourceForge Hack

Add Your Comments

( – SourceForge has had to re-evaluate their security setup after last week’s massive hack attack. On Saturday, SourceForge posted the details known about the hack thus far and more information on what they had done to protect their data, their users and future plans so that this type of thing does not happen again.

First discovered last Wednesday, the feeling is that they have caught things before the attack escalated beyond the first stages. From early assessment they decided to disable CVS, ishell, file uploads and other website features to prevent the further escalation of any data corruption activities. The SourceForge security team will continue to work throughout the week to get services restored as soon as possible.

One of the notable issues their analysis uncovered was a hacked SSH daemon. This hacked SSH daemon was modified to capture passwords; however they do not have reason to believe how successful the attacker was in gathering passwords from SourceForge users. Just to be on the safe side, they have invalidated all SourceForge user account passwords and users have been asked to recover account access by email.

Services are also being brought back, one by one as soon as data validation is complete.

There is still no root reason or cause found for the attack in question. SourceForge is doing all that they can to locking down servers and adding extra defenses just to make sure they are protected against further attacks from this source, or sources like it.

Looking towards the future, SourceForge is looking to accelerate the implementation of a new better security model. The same features that may have protected them when the security measures were put in place (about 10 years ago) do not seem to be standing the test of time.

Add Your Comments

You must be logged in to post a comment.