Language Selection

English French German Italian Portuguese Spanish

Linux Mint Website Hacked, Users Tricked Into Downloading ISOs with Backdoors

Filed under
GNU
Linux
Security
Web

Just a few moments ago, Clement Lefebvre, leader of the Linux Mint project, informes users of the popular, Ubuntu-based distribution that the servers where the Linux Mint website is hosted have been hacked to point the download links to specially crafted ISOs.

According to Mr. Lefebvre, it appears that a group of hackers created a modified Linux Mint ISO, which included a backdoor. Then, they hacked into the Linux Mint website and modified the download links to trick users into downloading the malicious ISO image.

Read more

More on the Story

  • Linux Mint hacked, ISO images compromised

    The Linux Mint team revealed today that compromised ISO images of Linux Mint have been distributed from the official website on February 20th, 2016.

  • Linux Mint website hacked, malicious ISO offered on Saturday

    In a surprising announcement, Clement Lefebvre -- head of the Linux Mint project -- said that the Linux Mint website had been compromised and that the hackers were able to edit the site to point to a malicious ISO of Linux Mint 17.3 Cinnamon edition on Saturday 20th, February.

    If you downloaded the Cinnamon edition prior to Saturday or downloaded a different version/flavour (including Mint 17.3 Cinnamon via torrent or direct HTTP link) you aren't affected. It's worth mentioning that since the issue was caught, everything has since returned back to normal now so it's safe to download the Linux Mint ISOs again.

  • Beware of hacked ISOs if you downloaded Linux Mint on February 20th!

    We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below.

  • Linux Mint downloads (briefly) compromised

Latest on Linux Mint

Response and Lessons

  • All forums users should change their passwords.
  • Backdoored Linux Mint, and the Perils of Checksums

    Someone hacked the website of Linux Mint — which, according to Wikipedia’s traffic analysis report is the 3rd most popular desktop Linux distribution after Ubuntu and Fedora — and replaced links to ISO downloads with a backdoored version of the operating system. This blog post explains the situation.

    [...]

    Besides the fact that the website isn’t available over HTTPS so network attackers could change those MD5 checksums to whatever they want as you load the blog post, MD5 is entirely broken and has been for many years. MD5 should never be relied on for verifying that you have the legitimate version of a file. It would not be difficult for someone to generate a backdoored Linux Mint ISO that has the same MD5 checksum as the legitimate ISO. Likewise, while SHA1 is considerable stronger, it also should not be used for security purposes anymore. Wikipedia’s SHA1 article says: “SHA-1 is no longer considered secure against well-funded opponent.”

  • Lessons from the Linux Mint Hack

    Unless you’re completely unplugged from the Linux news media, by now you’ve heard about the exploit that affected both the Linux Mint WordPress site and the Linux Mint 17.3 Cinnamon edition.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's howtos

Linux-Ready Hardware and Android Leftovers

Red Hat, Oracle's RHEL Clone, and Fedora

Debian and Derivatives: SnowCamp, Debian Gitlab, Debian/TeX Live, Snap Apps

  • Report from Debian SnowCamp: day 3
    Thanks to Valhalla and other members of LIFO, a bunch of fine Debian folks have convened in Laveno, on the shores of Lake Maggiore, for a nice weekend of relaxing and sprinting on various topics, a SnowCamp.
  • Report from SnowCamp #1
    As Nicolas already reported, a bunch of Debian folk gathered in the North of Italy for a long weekend of work and socialisation.
  • Debian Gitlab (salsa.debian.org) tricks
  • Debian/TeX Live 2017.20180225-1
    To my big surprise, the big rework didn’t create any havoc at all, not one bug report regarding the change. That is good. OTOH, I took some time off due to various surprising (and sometimes disturbing) things that have happened in the last month, so the next release took a bit longer than expected.
  • Ubuntu Software Will Soon Let You Install Beta, Bleeding Edge Snap Apps
    No, not TV channels, or the sort the that ferries goods between countries, but development channels, e.g, beta, bleeding edge, stable, etc. Snap developers are able to distribute different versions of their app over “channels”, and have for almost as long as Snappy has been around in fact.