ProFTPD Hack and Backdoor

A source code repository server of an open-source project (ProFTPD) was hacked by unknown attackers who planted a backdoor in the source code.

Impact

N/A

Type of compromise

Publishing Infrastructure - the attackers gained access to the server hosting distribution artifacts and replaced them. No signing seems to have been employed and it’s unlikely a key compromise was involved.

References

https://www.zdnet.com/article/open-source-proftpd-hacked-backdoor-planted-in-source-code/
https://www.theregister.com/2010/12/02/proftpd_backdoored/

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.