Feeds

'1337 hacker' scrawls all over careless coders' SourceForge sites

'If others did this, they might not have been so nice'

Internet Security Threat Report 2014

Someone claiming to be a "1337 hacker" has defaced programming projects hosted by SourceForge.net

Web pages for the network utility Angry IP Scanner and other open-source software hosted by the online coding vault were altered by the infiltrator. The individual responsible claimed the websites were "hacked" using a "backdoor", and darkly warned he or she could have supposedly caused far worse damage.

Each vandalised site read:

This is a project whose homepage has been hacked with the SourceForge backdoor by a 1337 hacker! It is extremely lucky because this message is the only change I did. After I found this backdoor, I, being nice, added this message to some SourceForge-hosted sites to warn them, instead of maliciously dropping their tables.

Scary stuff, you'll no doubt agree.

The truth is rather mundane: in a blog post, SourceForge's operators said each affected project had files that could be accessed by anyone on the web (rw-r--r-- in Unix parlance) and that these documents contained usernames and passwords for editing the project. Thus, anyone who knew where to look on a project's website could find, use and expose these sensitive credentials.

The SourceForge staff explained:

Upon investigating we found that the affected projects had configuration files (which contained database usernames and passwords) that were world readable. In other words, anyone looking in the right place could get these usernames and passwords and have direct access to the database.

Someone claiming to the "1337 hacker" commented on the SourceForge blog: "After checking 850 projects, I've hacked 44, but you were lucky. I did this to notify the project owners so that they would fix the issue. "If other hackers did this, they might not have been so nice. They might plant malicious scripts or even just drop your data for fun."

Arguably, SourceForge should consider ensuring that no world-readable files are created by default. However, coders must carry a large part of the blame for not picking the right permissions.

SourceForge, which hosts more than 320,000 projects, explains how to set proper file permissions here. It also explains how to reset project database passwords. ®

Intelligent flash storage arrays

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.