Hi everyone,
As reported earlier by giakk...@hotmail.it and Bill Y (b...@anzovin.com),
LMMS's user wiki, located at http://lmms.sf.net/wiki/, was hosting an
infected file.
I can now confirm this: The infected file was at
http://lmms.sourceforge.net/wiki/index.php?title=File:25983924927243286670.png.
It was infected with PHP.Shell.26, a PHP backdoor.
I deleted the file, and blocked the user who has uploaded it, "Eclipse".
Upon further research, I found a second infected file (PHP.Shell.99), this
one on the LSP:
http://lmms.sourceforge.net/lsp/index_b.php?action=show&file=4032.
Apparently, it has been uploaded by some "Mr. Glitch", who hacked the admin
account on LSP seven years ago. I have not yet removed that one. I'll first
look into how the database is designed, as I don't want to break anything.
- Lukas
------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.
Get unparalleled scalability from the best Selenium testing platform available
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
_______________________________________________
LMMS-devel mailing list
LMMS-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lmms-devel
