The main server used to distribute the open-source ProFTPD software was compromised over the weekend through the use of a bug in the FTP software itself. A backdoored version of the software was uploaded and distributed for several days as a result. The attack happened on Sunday, and the maintainers of the project said they didn t discover and remove the compromised version until Wednesday. It s unclear how many compromised copies of the server were downloaded during that time. This is the second attack of this kind against an open source repository in the last week.
Source: https://threatpost.com/proftpd-server-backdoored-120210/74727/

