Apache web server hit by hack attack
The website of the popular open source web server has been hit by hackers.
Apache has confirmed it was hit using a compromised SSH key to access one of its servers, which forced the shutdown of its website and most apache.org services.
The attack forced Apache, which at the last count accounted for nearly 50 per cent of all web servers, to shut down all machines involved as a precautionary measure.
After an initial investigation, it decided the best course of action was to change the DNS for most of its apache.org services to a machine that wasn't affected.
Further investigation revealed that the European fallover and backup machine, aurora.apache.org, was not affected. Although some rogue files had been copied over, none had been executed.
This allowed Apache to restore its websites to the version present before accounts could have been compromised.
Most user facing websites and services are now available, although Apache stated that some machines remained offline.
"To the best of our knowledge, no end users were affected by this incident, and the attackers were not able to escalate their privileges on any machines," said the Apache infrastructure team in a blog post.
It added: "While we have no evidence that downloads were affected, uses are always advised to check digital signatures when provided."
The case for a marketing content hub
Transform your digital marketing to deliver customer expectationsDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now
IT faces new security challenges in the wake of COVID-19
Beat the crisis by learning how to secure your networkDownload now