Backdoor inserted into Piwik

The Piwik web server analytics package was given an undesirable feature — a backdoor — as the result of a compromise of the piwik.org server. "You would be at risk only if you installed or updated to Piwik 1.9.2 on Nov 26th from 15:43 UTC to 23:59 UTC. If you are not using 1.9.2, or if you have updated to 1.9.2 earlier than Nov 26th 15:40 UTC or from Nov 27th, you should be safe." The announcement has details on the backdoor and how to detect it.

Backdoor inserted into Piwik

Posted Nov 27, 2012 19:37 UTC (Tue) by lkundrak (subscriber, #43452)

"an undesirable feature — a backdoor"

Made me laugh aloud :)

Backdoor inserted into Piwik

Posted Nov 28, 2012 12:37 UTC (Wed) by njwhite (guest, #51848)

Their advice to back up config.ini.php and then unpack a fresh install is sensible, but does point to an issue with having a config file be direct code; if they'd decided to add part of the backdoor to config.ini.php, restoring things could have got rather trickier.

Anyway, it's a good advisory, and it looks like they did a very good job of responding. The forum post linked to there has more details of what the backdoor does, for those interested: http://forum.piwik.org/read.php?2,97666


Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds