Posted on 02/22/2016 7:26:56 PM PST by Utilizer
Last night, the Linux Mint team announced that someone had hacked their servers and started pointing user downloads to malicious ISO images for the Linux Mint 17.3 Cinnamon edition. Our Linux editor already covered the initial details of the attack, which we recommend reading before going forward with this article.
Since then, in the last ten hours, the Linux and infosec communities have been working hard to investigate what happened and how the hackers operated. Linux Mint Team: They hacked us via our WordPress site
The first to provide an answer was Clement Lefebvre, leader of the Linux Mint project, who acknowledged in a comment on the official announcement that the initial point of entry was their WordPress blog.
The hackers managed to escalate their access to the underlying server and finally get shell access to www-data, Lefebvre explained. From here they modified the Linux Mint download page to point to a malicious FTP server hosted in Bulgaria (IP: 5.104.175.212).
(Excerpt) Read more at news.softpedia.com ...
How embarrassing.
Checked and rechecked the other day. We is all good.
I haven’t used the repositories in quite a while. The only malfunction was with an Amazon search engine that said it couldn’t connect with the server at linuxmint.com. I just replaced it with better non-Mint search engine.
They should put the hash of the offending files pretty prominently on their page so folks can validate they have a good copy.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.