OpenStack haven OpenDev yanks Gerrit code review tool after admin account compromised for two weeks
2020-10-21 02:08

OpenDev.org, which hosts the official OpenStack source code, on Tuesday tore down its Gerrit deployment after discovering that it had been quietly compromised two weeks earlier.

It uses the Google-built Gerrit to provide a web-based environment in which teams review each other's work, approve or reject changes to code bases, and otherwise collaborate on programming projects.

On Tuesday, OpenDev published a since-removed maintenance notice and issued a mailing-list announcement, which revealed: "An admin account in Gerrit was compromised allowing an attacker to escalate privileges within Gerrit."

At first, it feared its Gerrit installation had been hacked through a security hole in the software itself, but a few hours of investigation brought the grim news that "The incident is related to a compromised Gerrit user account rather than a vulnerability in the Gerrit software."

At 1745 UTC, OpenDev said it had found that a pair of Ubuntu One single-sign-on accounts had been hijacked on October 6, two weeks before the compromise was detected.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/10/21/opendev_gerrit_attack/
