Slashdot Mirror

← Back to Stories (view on slashdot.org)

Backdoor Found In UnrealIRCd Source Archive

Posted by timothy on from the channel-is-pwn3d dept.

l_bratch writes "A malicious backdoor was added to the UnrealIRCd source archive some time around November 2009. It was not noticed for several months, so many IRC servers are likely to be compromised. A Metasploit exploit already exists."

2 of 174 comments (clear)

  1. Re:Remember, kids! by Stupendoussteve · · Score: 5, Informative

    Actually, the hash was not modified from when they posted the true source. Anybody who would have checked it would have recognized that something was wrong.

  2. Re:Open source by tsj5j · · Score: 5, Informative

    Read the original linked source. The source repositories were not compromised; rather, the mirror servers were. The mirror servers had the tarballs replaced with malicious code.