A server had been attacked on March 22, but the Linux Australia discovered the breach on March 24, after conference management software Zookeeper started sending a large number of error reporting emails. Organization also mentioned that no financial data have been exposed because they use a third party payment system.
Linux Australia president Joshua Hesketh, who has led the organization since 2013, said - Hacker have leveraged an unknown vulnerability in its system to trigger a remote buffer overflow and gain root level access to its server.
"A remote access tool was installed, and the server was rebooted to load this software into memory." "A botnet command and control was subsequently installed and started. During the period the individual had access to the Zookeepr server, a number of Linux Australia's automated backup processes ran, which included the dumping of conference databases to disk."The organization has also deployed a new secure host has been deployed and said system user accounts will be expired three months after the conference ends. Linux Australia notified Australia's Privacy Commissioner about the breach and has tightened the screws on the rebuilt server.
Linux Australia had also asked Computer Emergency Response Teams for the help in identifying the exploited unknown vulnerability. Delegates are urged to change their passwords.