[Operators] Jabber.sk - stolen ejabberd databases

Mathias Ertl mati at fsinf.at
Fri Aug 31 10:24:55 UTC 2012


Hi Peter,

On Fri, Aug 31, 2012 at 02:01:06AM +0200, Peter Viskup wrote:
> let me inform you all internal ejabberd databases of server
> jabber.sk were stolen. Please inform us in case you will be facing
> any suspicious activity from jabber.sk accounts. We already
> performed infrastructure inventory and it looks like they were
> interested only in ejabberd databases.
> Attacker used IP 188.126.79.56 which is registered in Sweden and one
> local system account was compromised.
> Will inform you once will have some other important information for you.

Did you find out how the attacker gained access?  Was any Jabber software
used to gain access? 

greetings, Mati

-- 
I only read plain text mail! I prefer pgp|gpg signed & encrypted mails!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20120831/2bfad3cb/attachment.pgp>


More information about the Operators mailing list