[sf-perl] Fwd: [LA.pm] Perlmonks compromised

Fred Moyer fred at redhotpenguin.com
Thu Jul 30 19:18:05 PDT 2009


Here's the details of the PerlMonks incident, search for perlmonks on
this page.  It is an interesting read, you can see the shell history
the attacker used to get the data.

http://seclists.org/dailydave/2009/q3/0047.html

A snippet:

"There is a really simple reason we owned PerlMonks: we couldn't resist more
than 50,000 unencrypted programmer passwords.

That's right, unhashed. Just sitting in the database. From which they save
convenient backups for us."


More information about the SanFrancisco-pm mailing list