The cracker who broke into the Web servers of open source development site SourceForge has broken cover to boast of his exploits, and brag he also compromised the systems of the Apache project. Fluffy Bunny defaced a Web site (themes.org) to . . .
The cracker who broke into the Web servers of open source development site SourceForge has broken cover to boast of his exploits, and brag he also compromised the systems of the Apache project. Fluffy Bunny defaced a Web site (themes.org) to list the accounts he had managed to compromise and to brag that his actions had gone unnoticed by SourceForge administrators for five months (against the week SourceForge has publicly admitted). The defacement has since been removed but can still be seen (thankfully minus confidential account information) on defacement archive Alldas.de here.

According to the posting, Fluffy Bunny obtained passwords and user names for SourceForge accounts after successfully placing a Trojan horse program on a Secure Shell (SSH) server. Apparently this was possible because Fluffy Bunny had already compromised the servers run by an ISP.

The link for this article located at The Register is no longer available.