Language Selection

English French German Italian Portuguese Spanish

Linux Mint Website Hacked, Users Tricked Into Downloading ISOs with Backdoors

Filed under
GNU
Linux
Security
Web

Just a few moments ago, Clement Lefebvre, leader of the Linux Mint project, informes users of the popular, Ubuntu-based distribution that the servers where the Linux Mint website is hosted have been hacked to point the download links to specially crafted ISOs.

According to Mr. Lefebvre, it appears that a group of hackers created a modified Linux Mint ISO, which included a backdoor. Then, they hacked into the Linux Mint website and modified the download links to trick users into downloading the malicious ISO image.

Read more

More on the Story

  • Linux Mint hacked, ISO images compromised

    The Linux Mint team revealed today that compromised ISO images of Linux Mint have been distributed from the official website on February 20th, 2016.

  • Linux Mint website hacked, malicious ISO offered on Saturday

    In a surprising announcement, Clement Lefebvre -- head of the Linux Mint project -- said that the Linux Mint website had been compromised and that the hackers were able to edit the site to point to a malicious ISO of Linux Mint 17.3 Cinnamon edition on Saturday 20th, February.

    If you downloaded the Cinnamon edition prior to Saturday or downloaded a different version/flavour (including Mint 17.3 Cinnamon via torrent or direct HTTP link) you aren't affected. It's worth mentioning that since the issue was caught, everything has since returned back to normal now so it's safe to download the Linux Mint ISOs again.

  • Beware of hacked ISOs if you downloaded Linux Mint on February 20th!

    We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below.

  • Linux Mint downloads (briefly) compromised

Latest on Linux Mint

Response and Lessons

  • All forums users should change their passwords.
  • Backdoored Linux Mint, and the Perils of Checksums

    Someone hacked the website of Linux Mint — which, according to Wikipedia’s traffic analysis report is the 3rd most popular desktop Linux distribution after Ubuntu and Fedora — and replaced links to ISO downloads with a backdoored version of the operating system. This blog post explains the situation.

    [...]

    Besides the fact that the website isn’t available over HTTPS so network attackers could change those MD5 checksums to whatever they want as you load the blog post, MD5 is entirely broken and has been for many years. MD5 should never be relied on for verifying that you have the legitimate version of a file. It would not be difficult for someone to generate a backdoored Linux Mint ISO that has the same MD5 checksum as the legitimate ISO. Likewise, while SHA1 is considerable stronger, it also should not be used for security purposes anymore. Wikipedia’s SHA1 article says: “SHA-1 is no longer considered secure against well-funded opponent.”

  • Lessons from the Linux Mint Hack

    Unless you’re completely unplugged from the Linux news media, by now you’ve heard about the exploit that affected both the Linux Mint WordPress site and the Linux Mint 17.3 Cinnamon edition.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Red Hat News

Samsung Z4 gets WiFi Certified with Tizen 3.0 onboard, Launching soon

Today, the next Tizen smartphone, which should be the named the Samsung Z4, has received its WiFi certification (certification ID: WFA70348) – Model number SM-Z400F/DS with firmware Z400F.001 on the 2.4Ghz band. WiFi certification is usually one of the last steps before a mobile device gets released and means a launch is coming real soon as we have already seen the Z4 make its debut appearance at the FCC. For the previous model, the Samsung Z2, we saw it get WIFi certified on 7 July and then launched on 23 August, a mere 6 weeks. Read more

Linux 4.10.6

I'm announcing the release of the 4.10.6 kernel. All users of the 4.10 kernel series must upgrade. The updated 4.10.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.10.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st... Read more Also: Linux 4.9.18 Linux 4.4.57

Kernel Space: Linux, Graphics

  • Mux Controller Subsystem Proposed For Linux 4.12
    A new subsystem has been proposed for staging in the Linux 4.12 kernel. Peter Rosin has requested Greg KH pull in the mux controller subsystem for the Linux 4.12 kernel. He explained of this new subsystem, "This adds a new mux controller subsystem with an interface for accessing mux controllers, along with two drivers providing the interface (gpio and adg792) and two consumers (iio and i2c). This is done in such a way that several consumers can independently access the same mux controller if one controller controls several multiplexers, thus allowing sharing."
  • Marek Looking To Tackle Large RadeonSI Performance Bottleneck
    Prolific Mesa developer Marek Olšák is looking to tackle what he thinks is the "biggest performance bottleneck at the moment" for the RadeonSI Gallium3D driver.
  • Shader Variants Support For Etnaviv Gallium3D