Apache open-source site attacked

The group that develops the Web's most popular web server software has acknowledged that its own servers were hacked last month

The organisation responsible for the popular open-source Apache Web server software confirmed on Thursday that its servers were broken into, the second attack in May on a high-profile open-source software site.

In a notice posted on its Web site, the Apache Software Foundation said its public server -- which handles mailing lists and stores source code for all foundation projects -- was illegally accessed earlier last month. The intrusion was quickly discovered and the server was taken offline.

"There is no evidence that any source or binary code was affected by the intrusion," according to the statement.

Apache is the most popular software used to serve up Web pages. According to a study by research firm Netcraft, Apache is used about three times more often than Microsoft's Internet Information Server, though Microsoft's software is more popular for secure transactions.

Announcement of the Apache break-in follows a report earlier this week from VA Linux Systems that an intruder broke into its SourceForge site, where developers collaborate on open-source software projects.

The Apache foundation is investigating possible links between its break-in and other intrusions, according to the statement.

The foundation's home page was defaced last year in an attack the group characterized as more "embarrassing" than destructive.

Is your PC safe? Find out in ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.