* Duncan Coutts
These are all hosted on the community server. The community server was hacked on the 26th January and we took it offline. The server was running an old version of debian that was no longer supported with security updates. (Ironically, two days previously the infrastructure team had been discussing the fact that nobody seemed to have any time available to do the planned migration to a new host). The hacker replaced sshd which we noticed because the ssh host signature changed and it started prompting for passwords (we use key-based rather than password based logins).
Might be related: http://sourceforge.net/blog/sourceforge-attack-full-report/ -- Roman I. Cheplyaka :: http://ro-che.info/ Don't worry what people think, they don't do it very often.