BerliOS open source project portal falls victim to attack
In a recent attack on the web server of the BerliOS (Berlin Open Source) open source platform, intruders replaced the portal's home page. The unknown attackers left a message accusing the BerliOS operators of not investing enough time in proper system maintenance – and in protection against attacks.
"Open source mediator" BerliOS, which is part of the Fraunhofer Institute (FOKUS), hosts a number of developer projects on its systems. According to the message injected into the now-restored home page, the attackers were also able to access the svn.berlios.de, download.berlios.de and example.sheep.berlios.de servers.
While the intruders said they didn't manipulate any site content, they pointed out possible manipulations by others. According to the unknown hackers, BerliOS had already had secret visitors in 2005. The attackers said this was indicated by the presence of a developer.php.de.hacker file stored on the web server.
When asked by The H's associates at heise Security, BerliOS confirmed the manipulation. The operators say that so far, apart from the traces of the intrusion, they have not found any sign of manipulated files. In a brief reply, Jörg Schilling, BerliOS employee and developer of the cdrecord open source software, said: "Therefore, I currently don't see a reason to issue a warning." Schilling didn't supply any details about the vulnerability the intruders exploited.