Open-Source Project Server Hacked, Software Rigged With Backdoor Trojan

  /     /     /  
Publicated : 22/11/2024   Category : security


Open-Source Project Server Hacked, Software Rigged With Backdoor Trojan


ProFTPD File Transfer server software compromised by attackers; anyone who downloaded it between Nov. 28 through Dec. 2 most likely at risk



The main FTP server that serves up the open-source ProFTPD FTP software was hacked and booby-trapped with a backdoor Trojan -- meaning anyone who downloaded the code during the past few days from the server or its mirror servers could be running a compromised copy of the software that would allow the attacker full access to his systems.
The ProFTPD Project team yesterday reported that these servers were hosting the compromised version of the ProFTPD 1.3.3c source code, which runs on Unix and Unix-like systems. All users who run versions of ProFTPD which have been downloaded and compiled in this time window are strongly advised to check their systems for security compromises and install unmodified versions of ProFTPD, the team
posted on its site
. They also provided a link for users to check the integrity of their ProFTPD code.
According to
an analysis of the breach
, the likely entry point for the attackers was an unpatched security hole in the FTP server daemon, which gave them access to the server, where the attackers then swapped out the legitimate code with their backdoored version. The breach was discovered and fixed yesterday.
By placing a backdoor into the source code of ProFTPD, the attacker was probably interested in potentially gaining access to thousands of other FTP servers, as ProFTPD is a very popular software that is installed on millions of servers, says Chaouki Bekrar, CEO and head of research at VUPEN Security. Any new server installation performed using the backdoored version of ProFTPD can be remotely compromised.
The backdoor malware gave the attackers remote, full root access to any systems that had downloaded the compromised FTP open-source server software.
VUPENs Bekrar says incidents of backdoors being added to software are rare. While adding a backdoor to a compromised source is reliable, it is highly visible. A more dangerous attack scenario would be adding a vulnerability to a software by simply changing a word or a letter from its source code, and it would be very difficult for the project maintainers to detect such changes, he says.
Have a comment on this story? Please click Discuss below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Open-Source Project Server Hacked, Software Rigged With Backdoor Trojan