⚠️ Security Warning: Original CSF Automatic Updates Subdomain Hijacked #68
Aetherinox
announced in
Announcements
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Note
It appears as of 12/15, the subdomain no longer resolves and has been taken down.
Note
If you are currently running my copy of ConfigServer from this repository, then this does not apply to you. This is for all members who may currently have servers running any version of CSF older than v15.00 from the original developer.
Original Developer Download Subdomain Has Been Hijacked
If you are running any version of CSF older than
v15.00, we strongly recommend upgrading to v15.00 immediately. If an immediate upgrade is not possible, you must disable automatic updates at once by editing your/etc/csf/csf.conffile:AUTO_UPDATES = "0"The original CSF download subdomain,
https://download.configserver.com, has been hijacked and now redirects to a malicious website containing Arabic content and distributing compromised packages. The main domain appears to still be intact.For your security, address this immediately. Do not postpone taking action. Administrators should also perform a full security review of affected systems to ensure they have not been compromised. If there is any possibility that malicious packages were downloaded, wipe the system. Do not risk your data or your infrastructure.
Beta Was this translation helpful? Give feedback.
All reactions