Hackers took control of the official website for the Linux Mint distro over the weekend, resulting in some users downloading a build of the OS that had been modified to include a backdoor that would give attackers full access to a user’s system.
Announced in a blog post, the organization said it quickly spotted and rectified the issue, but that anyone who downloaded Linux Mint (Cinnamon Edition) on February 20 should probably start over. At the very least, you’ll want to check the MD5 signature of your download to ensure it’s legit.
If you do have an infected copy on disk or USB, you’ll need to format it and start again.
According to the organization, the backdoor connects to a site called absentvodka (can’t recommend searching and visiting that one, given the context) and the IP addresses lead to Sofia in Bulgaria.
“What we don’t know is the motivation behind this attack. If more efforts are made to attack our project and if the goal is to hurt us, we’ll get in touch with authorities and security firms to confront the people behind this,” the group said.
While the download in question was pulled reasonably quickly, the Linux Mint website is still down while the organization ensures that any potential security holes have been closed.
Backdoors are very much hitting headlines lately with the news that the FBI is requesting that Apple unlock the San Bernadino shooting suspect’s iPhone and Apple failing to comply and provide the backdoor on the basis that it sets a precedent for using the unlock on other devices.
It ultimately deemed the requested backdoor unnecessary.
In a separate announcement on the Linux Mint blog, the group conformed that the forums database at forums.linuxmint.com was also compromised, revealing usernames, passwords (encrypted), email addresses and personal information from profiles and posts.
It’s probably not the end of the world, unless you use the same password across all your different accounts.
But you wouldn’t do that, would you?
➤ Beware of hacked ISOs if you downloaded Linux Mint on February 20th! [Linux Mint blog]