Open source Linux organisation in Australia has being hacked, According to Joshua Hesketh president of Linux Australia, a server had been illegally accessed on March 22, but breach is discovered two days later, after Zookeeper ( conference Management system) started sending a lot of error report emails.
Linux Australia confirmed that personal details have been exposed in server breach including names, street and email addresses, personal phone numbers as well as hashed users password of delegates for PyCon and Linux Australia conferences.
The hackers have triggered an unknown vulnerability in its system a remote buffer overflow in order to obtain full access to the server by installing nothing more then a “RAT” remote access tool and gain root level access. The Server was rebooted to load RAT into memory and botnet was subsequently installed and started. The individual hacker had accessed to the Zookeeper server which included the dump of databases for conferences between 2013 – 2015.
Right after incident occur Linux Australia team admins had deployed a new more secure hosting server, and PyCon Australia 2015 was redeployed onto new Zookeeper hosting. The System user accounts will expire three months after conferences ends.
Linux Australia has full transparency and you can find server breach log here