FYI...

- http://countermeasures.trendmicro.eu/apach...ey-compromised/
Aug. 28, 2009 - "... Details of the attack/compromise are few at the moment, as this is breaking news. It is worth remembering however that a compromised SSH key led to in-the-wild exploitation of Linux based systems exactly this time last year, for the purposes of installing rootkits. Keep your eye on how this story develops. Apache servers account for around 50% of all web servers in the July 2009 web server survey*."
* http://news.netcraft.com/archives/2009/07/...ver_survey.html

- https://blogs.apache.org/infra/entry/apache..._initial_report
Aug 28, 2009

> http://isc.sans.org/diary.html?storyid=7030
Last Updated: 2009-08-28 14:32:28 UTC ...(Version: 2) - "... compromised due to an SSH key being exposed. The SSH key was used by an account to perform backups. No vulnerabilities in apache or ssh software was used in this attack. When the incident was identified apache cut access to all of their services as a containment measure. Their web sites are now back online..."



This post has been edited by AplusWebMaster: Aug 30 2009, 12:43 PM