Apache web server hit by hack attack

The website of the popular open source web server has been hit by hackers.

Apache has confirmed it was hit using a compromised SSH key to access one of its servers, which forced the shutdown of its website and most apache.org services.

The attack forced Apache, which at the last count accounted for nearly 50 per cent of all web servers, to shut down all machines involved as a precautionary measure.

Advertisement - Article continues below

After an initial investigation, it decided the best course of action was to change the DNS for most of its apache.org services to a machine that wasn't affected.

Further investigation revealed that the European fallover and backup machine, aurora.apache.org, was not affected. Although some rogue files had been copied over, none had been executed.

This allowed Apache to restore its websites to the version present before accounts could have been compromised.

Most user facing websites and services are now available, although Apache stated that some machines remained offline.

"To the best of our knowledge, no end users were affected by this incident, and the attackers were not able to escalate their privileges on any machines," said the Apache infrastructure team in a blog post.

It added: "While we have no evidence that downloads were affected, uses are always advised to check digital signatures when provided."

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/phishing/355936/inky-announces-20m-series-b-funding-round
phishing

INKY announces $20M Series B funding round

4 Jun 2020
Visit/security/ransomware/355909/microsoft-issues-warning-about-new-ponyfinal-ransomware-attacks
ransomware

Microsoft issues warning about new PonyFinal ransomware attacks

3 Jun 2020
Visit/security/data-breaches/355908/amtrak-guest-reward-suffers-a-data-breach
data breaches

Amtrak Guest Reward suffers a data breach

3 Jun 2020
Visit/security/cyber-security/355903/brand-impersonation-and-form-based-attacks-are-rising
cyber security

Brand-impersonation and form-based attacks are rising

3 Jun 2020

Most Popular

Visit/operating-systems/ios/355935/apple-confirms-serious-bugs-in-ios-135
iOS

Apple confirms serious bugs in iOS 13.5

4 Jun 2020
Visit/mobile/5g/355911/the-uk-pivots-to-japan-for-5g-equipment
5G

The UK looks to Japan and South Korea for 5G equipment

4 Jun 2020
Visit/security/ransomware/355945/new-ransomware-uses-java-to-target-software-organisations
ransomware

Tycoon ransomware discovered using Java image files to target software firms

5 Jun 2020