Stanford among academic targets for attack on Linux and Solaris machines
Hackers have compromised a number of Linux and Solaris machines used in supercomputer networks at Stanford University and other academic institutions in the US.
An unknown individual, or group, is believed to have compromised multi-user Solaris and Linux computers by cracking or sniffing passwords.
The attacker then escalated local user accounts to root privileges by triggering a variety of local exploits.
According to a warning posted by Stanford University, the machines may have been compromised as early as 3 April.
"Stanford, along with a large number of research institutions and high performance computing centres, has become a target for some sophisticated Linux and Solaris attacks," the advisory said.
"The attacker appears to be deliberately targeting machines in academic and high performance computing environments, rather than attacking systems indiscriminately."
Stanford recommends users to install all patches, choose hard to crack passwords and limit remote access to unpatched multi-user systems.
The full advisory can be found here.
Source