Source: Security News Portal.

ftp.bitchx.org's ircii-pana-1.0c19.tar.gz is backdoored. Cable modem users get trojan download... BitchX.org's Rooted ?

07-01-2002 10:53:57 AM CST -- from the Bug Reports

Hank Leininger from metasecuritygroup.com is reporting that a few hours ago (1 AM US/Eastern time, July 1) we downloaded ircii-pana-1.0c19.tar.gz from ftp.bitchx.com (216.165.191.5) and reviewed the configure script before running it. It has essentially the same configure backdoor as fragroute-1.2.tar.gz[1] -- a TCP connection is made outbound, with a shell bound to it (a reverse telnet). This appears to retry/respawn once per hour. The 1.0c19 tarball at ftp.irc.org (which mirrors bitchx.com) did not appear to be trojaned when we pulled from there about an hour later.