ProFTPD Hack and Backdoor

A source code repository server of an open-source project (ProFTPD) was hacked by unknown attackers who planted a backdoor in the source code.

Impact

N/A

Type of compromise

Publishing Infrastructure - the attackers gained access to the server hosting distribution artifacts and replaced them. No signing seems to have been employed and it’s unlikely a key compromise was involved.

References