Server Compromise

Joel

Active Member
Dear Users,

We were informed by our ISP at around 1100hrs GMT+1 today that we had a server compromise. Details of which are unclear, however what we do know is that 13 GB of data was leaked from the Eraser Windows server (hosting the Eraser website) and that the Linux server (which hosts this forum, among other things) while not directly affected, could be compromised in more subtle ways. The point of entry is not currently known and we are not sure if any data has been modified or if data was simply copied off the server.

On your part, it may be prudent to change your Forum Password, although based on my knowledge of the inner workings of phpBB your password is not stored in the database in the clear.

We are working hard to resolve this problem: We are working furiously to restore the server to working condition and resetting all passwords. We seek your understanding and patience on this matter. Updates to this will be posted as and when more information is available.
 

Joel

Active Member
It would appear that the server was infiltrated externally and that there was an elevation of privilege.

We are in the process of moving to a new server, Trac data will most likely be retained; however users will probably need to re-register.
 

Joel

Active Member
On a separate note, Trac will be down until we've migrated data over.
 

jackjack

Member
Joel said:
Details of which are unclear, however what we do know is that 13 GB of data was leaked from the Eraser Windows server (hosting the Eraser website) and that the Linux server (which hosts this forum, among other things) while not directly affected, could be compromised in more subtle ways. The point of entry is not currently known and we are not sure if any data has been modified or if data was simply copied off the server.
Has any more information been gleaned from the breach? Has the code been audited for backdoors, what procedures are in place to ensure the codebase and any installers available for download can be trusted?
 

Joel

Active Member
Apologies for the delay.

The source code is not hosted on our server, it is hosted on SourceForge's servers, so the source code is not affected. In addition, Garrett was able to confirm that the compromise only allowed data to be read and not modified.
 
Top