Threat Level: green Handler on Duty: Kevin Liston

SANS ISC: InfoSec Handlers Diary Blog - Sourceforge attack InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Sourceforge attack

Published: 2011-01-29
Last Updated: 2011-01-29 16:07:57 UTC
by Mark Hofman (Version: 1)
1 comment(s)

 Like most of you have been aware of attacks on Sourceforge. Not sure what the motives behind these are, but a number of devices have been compromised and for those of you who host projects there you will have seen that some services are not available.  A number of you have also received a password reset email. 

"We recently experienced a directed attack on SourceForge infrastructure
(
http://sourceforge.net/blog/sourceforge-net-attack/) and so we are
resetting all passwords in the 
sf.net database -- just in case.  We're
e-mailing all 
sf.net registered account holders to let you know about this
change to your account."

The email directs you to the "forgot password" page to reset your passwords.  As with all email containing links mak sure you check it or follow the advice, but go to the sourceforge pages directly rather than clicking a link in an email. 

The netblog states that code hosted is not affected. 

Hopefully they will find out who is behind it and they will let all of us know. 

Mark 

Keywords: ddos SourceForge
1 comment(s)
Diary Archives