Something that no developer wants to see when logging onto their popular site. Malware. And for the boys at AOKP, that is exactly what happened. Yesterday, Roman at AOKP posted on their G+ page that their site had been infected by malware. Everyone that was registered with the site got compromised. Here is what Roman had to say:
Fans of AOKP,
Yesterday we got reports of http://aokp.co being infected with malware. We did some investigation and it looks like our site did get compromised by some sort of malware.
All usernames and passwords were compromised.
Yes, this sucks, and I take 100% of the responsibility for what happened. I am very sorry to everyone who registered on the site.
The silver lining of the event is that site registrations have been closed for many months as it is, and we’ve been using RootzWiki as our main “forum.†I will see what I can do about sending an email to all of the registered users and notify them of the incident.
It looks like only the actual site (http://aokp.co) was affected – gerrit and everything else was untouched.
I’ve taken the site down completely for now. You can still get your builds from AndroTransfer or Goo-Inside.me.
Please please please change your passwords and remember to keep your email password just a little more secure! If you used the same email/password combo elsewhere, now would be the time to go and change it as well.
Roman
***Note: no, the passwords were not stored in plaintext
Source: Google+