• We’ve made a great deal of effort to ensure the security of our servers. However, that’s not meant to imply it couldn’t happen. If you are specifically targeted, there are no guarantees. The best thing you can do to prevent breaches is to avoid becoming a target (of course that’s not something you have control over) .

  • the breach was made via wordpress. From there they got a www-data shell.

  • @karasu Yeah I find that so bazaar, I mean why the hell did their www-data user have shell access in the first place?

  • I would guess they’re not telling us everything. Was their wordpress up to date? As you say, how a www-data user can get shell access? (that’s the whole point of using a www-data user).

  • @lots-0-logs @karasu @megaman

    Iso’s were infected with a simple Irc bot for Ddos attacks.

    Mint’s site was also using a known outdated vulnerable version of Wordpress. And the forum database (phpbb) was also compromised, so if you had a forum account there change your password.

  • Glad I caught this. Too bad the forums are down so I can’t exactly change my password there. All my current passwords are getting reset however, just to be on the safe side. O.o

Posts 7Views 1809
Log in to reply
Bloom Email Optin Plugin

Looks like your connection to Antergos Community Forum was lost, please wait while we try to reconnect.