
Ubuntu servers hacked
Five of the eight main Ubuntu servers were manually shut down after they launched a powerful attack on other servers on the Internet. Evidently, the Ubuntu hardware had become a tool in the hands of cybercriminals.
Ubuntu sponsor Canonical blames the incident on the community of Ubuntu activists who were in charge of the hacked servers (the rest of the servers are in the Canonical data center and were not affected). As the investigation showed, the software on the “public” machines had not been properly upgraded. However, the activists say that upgrading the kernel on the servers was not possible because the newer kernel supposedly did not support the hardware (non-standard network cards). By that account, Canonical, which provided the “wrong” cards, is to blame.
The hacked servers ran an old version of Ubuntu from October 2005 (Linux kernel 2.6.12.6). The latest security patches were not installed on the servers, and plain FTP (without SSL) was also allowed. It was through FTP that the attackers entered the system.