Linuxmint Hacked

2 posts in this topic

Any users of Linuxmint please be aware that the database for the Linuxmint.com user Forum has been stolen from LINUXMINT.com in a recent attack on their website, if you are a registered user of the Linuxmint forum please be aware the MINT Database contains the following;

Linuxmint Forum user name,

The encrypted password, if weak it can be subject to brute force attack.

The email address used to set up the Linuxmint forum.

Anything contained in the signature strip.

The Linuxmint server is off line but information is given on their blog page. What to do if you are a registered Linuxmint user forum member?

Change your Email password asap

Change your Linuxmint password asap.

If you have used the same password for anything else then change it asap.

What else did the Hackers do?

They replaced the ISO copy of the latest release of Linuxmint 17.3 Cinnamon with there own hacked copy that contains a hidden backdoor If you downloaded this ISO on the 20th of Feb then throw away the disk or format the USB stick if used to run the ISO as a "Live disk" if its on your hard drive kill it by formatting.

The only flavour of mint ISO affected was 17.3 Cinnamon the others appear to be ok.

The hack came from Sofia Bulgaria hosted on  Do not visit absentvodka.com

This applies to users of LINUXMINT user forum and any other places you used the same passwords for and also any downloads from the LINUXMINT ISO page.

Don't forget to do run full virus checks.

The above may not apply to very many PN users but its still worth advising just to be sure.



Share this post

Link to post
Share on other sites

Looks like a second attempt was made to infect the ISO downloads of 32bit versions of Cinnamon and the other flavours of 17.3 on the 21st until the server was shut down.

The security breach was made via wordpress. From there they got a www-data shell.

LINUXMint with tsunami running on it. Here’s some info on it http://blog.malwaremustdie.org/2013/05/story-of-unix-trojan-tsunami-ircbot-w.html


...and there was me thinking that hackers only went after corporations and not open source non profit organisations.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now