The developers of the MidnightBSD project, which develops a desktop-oriented operating system based on FreeBSD with elements ported from DragonFly BSD, OpenBSD and NetBSD, warned users about identifying traces of hacking of one of the servers. The hack was committed through exploitation of the CVE-2021-26084 vulnerability discovered at the end of August in the proprietary collaboration engine Confluence (Atlassian provided the opportunity to use this product free of charge for non-commercial and open source projects).
The server also ran the project's DBMS and hosted a file storage facility, which was used, among other things, for intermediate storage of new versions of packages before publishing on the primary FTP server. According to preliminary data, the main package repository and iso images available for download are not compromised.
Apparently, the attack was not targeted and the MidnightBSD project became one of the victims of mass hacking of servers with vulnerable versions of Confluence, after the attack, malware aimed at mining cryptocurrency was installed. Currently, the software of the hacked server has been reinstalled from scratch and 90% of the services that were disabled after the hack have been returned to service. It has been decided to postpone the upcoming release of MidnightBSD 2.1.
Source: opennet.ru