Linux News Today: Linux Mint Website Hacked, Users Tricked Into Downloading ISOs with Backdoors
Just a few moments ago, Clement Lefebvre, leader of the Linux Mint project, informes users of the popular, Ubuntu-based distribution that the servers where the Linux Mint website is hosted have been hacked to point the download links to specially crafted ISOs.
According to Mr. Lefebvre, it appears that a group of hackers created a modified Linux Mint ISO, which included a backdoor. Then, they hacked into the Linux Mint website and modified the download links to trick users into downloading the malicious ISO image.
“I’m sorry I have to come with bad news. We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below,” said Clement Lefebvre in the announcement.
It would appear that only the Linux Mint 17.3 Cinnamon edition has been compromised at the moment of writing this article, and those of you who downloaded these ISO images on February 20, 2016, need not to install them on your computer, but delete them as soon as possible.
Things are under control, for now
Clement Lefebvre assures users that if they downloaded any other Linux Mint edition from the website with the exception of the Cinnamon one, they are safe, and they don’t need to do anything at this point.
Again, only those who downloaded the Linux Mint Cinnamon ISOs on February 20 are affected, and they need to delete those images from their computers. Also, if you already managed to install Linux Mint on your computer using the respective images, you need to re-download new ISOs from the project’s website and reinstall the OS.
Wiping the drive and changing your passwords is also recommended!
At the moment, it appears that the whole situation is under control, and the modified download links now point to the correct ISO images for the Linux Mint Cinnamon edition. More technical details about the hack can be found on the Linux Mint blog, where Clement Lefebvre said that the hacked ISOs where hosted on a Bulgarian server.
“Both lead to Sofia, Bulgaria, and the name of 3 people over there. We don’t know their roles in this, but if we ask for an investigation, this is where it will start,” said the Linux Mint leader. “If more efforts are made to attack our project and if the goal is to hurt us, we’ll get in touch with authorities and security firms to confront the people behind this.”
Mr. Lefebvre recommends users who are affected by the hack to disconnect their computers from the Internet as soon as possible, wipe the disk drive and change all of their passwords, especially those used for email and other sensitive websites. If you were affected, please inform the Linux Mint leaders immediately!