

Attack on sourceforge.net and global password reset - sagarun
http://sourceforge.net/blog/sourceforge-net-global-password-reset/

======
sagarun
Here is the description of the attack:
(<http://sourceforge.net/blog/sourceforge-net-attack/>)

"Yesterday our vigilant operations guys detected a targeted attack against
some of our developer infrastructure. The attack resulted in an exploit of
several SourceForge.net servers, and we have proactively shut down a handful
of developer centric services to safeguard data and protect the majority of
our services. Our immediate priorities are to prevent further exposure and
ensure data integrity. We’ve had all hands on deck working on identifying the
exploit vector or vectors, eliminating them, and are now focusing on verifying
data integrity and restoring the impacted services.

The problem was initially discovered on the servers that host CVS but our
analysis indicates that several other machines were involved, and while we
believe we’ve determined the extent of the attack, we are verifying all of our
other services and data. As a short term response, we’ve taken down the
following services to prevent any possible escalation:

* CVS Hosting
* ViewVC (web based code browsing)
* New Release upload capability
* Interactive Shell services

Once the immediate response to this attack is over, we will be providing a
much more detailed account of what’s happened, and what specific actions we
are taking to prevent further exploits."

------
sagarun
The page is unavailable, it seems. Here is the blog post content:

"We recently experienced a directed attack on SourceForge infrastructure
(<http://sourceforge.net/blog/sourceforge-net-attack/>) and so we are
resetting all passwords in the sf.net database — just in case.

Our investigation uncovered evidence of password sniffing attempts. We have no
evidence to suggest that the sniffing attempt was completed successfully. But,
what we definitely don’t want is to find out in 2 months that passwords were
compromised and we didn’t take action. So, we’ve invalidated all
sourceforge.net account passwords, and to access the site again, everyone will
need to go through the email recovery process and choose a shiny new password:

<https://sourceforge.net/account/registration/recover.php>

We have received a lot of support and sympathy from our community, and I know
our ops team is immensely grateful for all of it. Thanks again for your
patience with us as we work to respond to this attack. We’ll be working
through the weekend to get things back to normal as quickly as possible."

