Jump to content

Linux Mint Site and Forum Hacked


Recommended Posts

Story is over a week old but in the chance any MB forum member is affected and hadn't heard :


On February 20th, a hacker working under the handle "Peace" took control of the website of Linux Mint, a popular Linux distribution derived from Ubuntu (and Debian) targeted toward non-technical users and power users unhappy with modern desktop environments like GNOME 3, KDE Plasma 5, and Unity 7. The hacker replaced the download link for Linux Mint with one which contained a backdoor called Tsunami-an attack which put "several hundred" systems with a fresh installation of Linux Mint in the hacker's control, according to an interview with ZDNet's Zach Whittaker. The same hacker gained control of the Linux Mint user forum, grabbing copies of the entire database twice, copies of which are now for sale on a dark web marketplace for 0.197 bitcoin ($85) per download....




As far as the backdoor in an ISO is concerned, it appears that Mint 17.3 Cinnamon, if downloaded on 2/20/16, was the only affected edition.


....According to Mr. Lefebvre, it appears that a group of hackers created a modified Linux Mint ISO, which included a backdoor. Then, they hacked into the Linux Mint website and modified the download links to trick users into downloading the malicious ISO image.

"I’m sorry I have to come with bad news. We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below," said Clement Lefebvre in the announcement.

It would appear that only the Linux Mint 17.3 Cinnamon edition has been compromised at the moment of writing this article, and those of you who downloaded these ISO images on February 20, 2016, need not install them on your computer, but delete them as soon as possible....




More info from ZDNet, including an interview with the hacker. It was too easy to accomplish. (Stories on the Net allege the servers were 'protected' with a 6 character, admin passcode whose characters included MINT.)


....The hacker responsible, who goes by the name "Peace," told me in an encrypted chat on Sunday that a "few hundred" Linux Mint installs were under their control -- a significant portion of the thousand-plus downloads during the day.

But that's only half of the story.

Peace also claimed to have stolen an entire copy of the site's forum twice -- one from January 28, and most recently February 18, two days before the hack was confirmed....



Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.