Slashdot Mirror

← Back to Stories (view on slashdot.org)

ProFTPD.org Compromised, Backdoor Distributed

Posted by CmdrTaco on Thursday December 2, 2010 @01:40AM from the scary-world-we-live-in dept.

Orome1 writes "A warning has been issued by the developers of ProFTPD, the popular FTP server software, about a compromise of the main distribution server of the software project that resulted in attackers exchanging the offered source files for ProFTPD 1.3.3c with a version containing a backdoor. It is thought that the attackers took advantage of an unpatched security flaw in the FTP daemon in order to gain access to the server."

1 of 152 comments (clear)

Min score:

Reason:

Sort:

Dumb comment. by Anonymous Coward · 2010-12-02 01:58 · Score: 5, Informative

And how, exactly, would the attackers sign the distribution files with the same private key the project uses?