Hackers had access to FreeBSD infrastructure

Hackers have from september had access to the infrastructure of the FreeBSD project by the leak of an ssh key, so last week discovered. Two machines for the distribution of FreeBSD-packages from third parties are affected.

The two machines within the FreeBSD infrastructure, which as of september 19, invaded, writes the organisation behind the opensourceproject. The hack was last Sunday can be noticed. The probable cause would not be a vulnerable system, or to exploit, but with the leak of an ssh key from a developer who legitimately had access to the systems.

The beveiligingsmanager of FreeBSD.org stresses that the safety of the base of the operating system, whose development by the FreeBSD community takes place, not in the proceedings. The systems would only be used for the building and the distribution of third-party-packages with the OS included. For the integrity of the packages that you installed could be between 19 september and 11 november, the organisation can not be held responsible, although analysis no irregularities to light.

The administrators of the FreeBSD project as soon as the hack became known to the systems offline and verified that there is not with the base tampered with. It is recommended that legacy update-mechanisms no longer use, and everything in the mentioned period, to date, is as suspicious to consider.