[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[phoenix-epic-dev] EPIC Security Breach
|
All,
After investigating both the code and the database Karl and I have
been unable to find any direct evidence of the malicious code.
I downloaded the EPIC home page when this was reported so I have a copy
of the code that was being generated, and it seems to be connected to
our Google Ads. Where the Google Ad html and logo appear in current
downloads of the restored website is where the malicious code was
manifesting itself.
We are taking the following steps
1) EPIC is being moved off of the Eclipse.org cluster and onto our build
machine.
2) EPIC will remain offline until Nathan and I are able to remove the
Google ads and verify that the code is clean and complete.
If after all this EPIC is again hacked/cracked or abused we plan to shut
EPIC down until it's backend code has been rebuilt and moved away from
phpNuke.
Matt.
--
Eclipse WebMaster - webmaster@xxxxxxxxxxx
Questions? Consult the WebMaster FAQ at http://wiki.eclipse.org/index.php/Webmaster_FAQ
View my status at http://wiki.eclipse.org/index.php/WebMaster