Report: Minor Incident on RIPE NCC Web Server
On Monday, 27 February, we discovered that a RIPE NCC web server was abused and used as an HTTP proxy to distribute malicious code to other websites using an IP address 18.104.22.168 allocated to the RIPE NCC.
We found evidence of a small number of abuse cases and promptly informed the owners of the affected websites.
We identified the configuration issue that allowed this to happen and immediately fixed it.
After further investigation, we concluded that there was no harm done to the RIPE NCC network or member data. There is no action required from our members or users of our services.
It is our policy to report security incidents as soon as possible to all affected parties and provide a summary of the incident after completing the necessary investigations. The RIPE NCC and the RIPE community have a relationship built on trust, openness and transparency. Naturally, we will keep a close watch on the situation and immediately report any developments.