Groups | Search | Server Info | Login | Register

Groups > comp.os.linux.security > #683

Re: 2/20/16 Linux Mint downloads compromised

From Johnny <johnny@invalid.net>
Newsgroups alt.os.linux.mint, comp.os.linux.security
Subject Re: 2/20/16 Linux Mint downloads compromised
Date 2016-02-21 06:14 -0600
Organization albasani.net
Message-ID <20160221061427.6994565f@jspc> (permalink)
References <nnd$1d3e6689$238e4bd5@695a3fabb9aa8c3c>

Cross-posted to 2 groups.

Show all headers | View raw

On Sun, 21 Feb 2016 05:48:09 +0100
bleak_fire_ <penachew@yomomma.hot.invalid> wrote:

> http://blog.linuxmint.com/?p=2994
> 
> Quotes:
> 
> "Beware of hacked ISOs if you downloaded Linux Mint on February 20th!"
> 
> "We were exposed to an intrusion today. It was brief and it shouldn’t 
> impact many people, but if it impacts you, it’s very important you
> read the information below."
> 
> "Hackers made a modified Linux Mint ISO, with a backdoor in it, and 
> managed to hack our website to point to it."
> 
> "As far as we know, the only compromised edition was Linux Mint 17.3 
> Cinnamon edition."
> 
> "If you downloaded another release or another edition, this does not 
> affect you. If you downloaded via torrents or via a direct HTTP link, 
> this doesn’t affect you either."
> 
> "Finally, the situation happened today, so it should only impact
> people who downloaded this edition on February 20th."
> 
> "The hacked ISOs are hosted on 5.104.175.212 and the backdoor
> connects to absentvodka.com."
> 
> "Both lead to Sofia, Bulgaria, and the name of 3 people over there.
> We don’t know their roles in this, but if we ask for an
> investigation, this is where it will start."
> 

This would be a good time for Cinnamon users to try Douane Firewall.

https://github.com/Douane/Douane/wiki/Compilation

Back to comp.os.linux.security | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

2/20/16 Linux Mint downloads compromised bleak_fire_ <penachew@yomomma.hot.invalid> - 2016-02-21 05:48 +0100
  Re: 2/20/16 Linux Mint downloads compromised Johnny <johnny@invalid.net> - 2016-02-21 06:14 -0600
    Re: 2/20/16 Linux Mint downloads compromised Yrrah <Yrrah-aolm@aolm.invalid> - 2016-02-21 14:19 +0100
      Re: 2/20/16 Linux Mint downloads compromised Johnny <johnny@invalid.net> - 2016-02-21 10:22 -0600
        Re: 2/20/16 Linux Mint downloads compromised Yrrah <Yrrah-aolm@aolm.invalid> - 2016-02-21 17:44 +0100
          Re: 2/20/16 Linux Mint downloads compromised Caver1 <caver1@inthemud.org> - 2016-02-21 11:58 -0500
  Re: 2/20/16 Linux Mint downloads compromised Paul <nospam@needed.com> - 2016-02-21 08:43 -0500
    Re: 2/20/16 Linux Mint downloads compromised Richard Kettlewell <rjk@greenend.org.uk> - 2016-02-21 14:06 +0000
      Re: 2/20/16 Linux Mint downloads compromised Paul <nospam@needed.com> - 2016-02-21 09:37 -0500
        Re: 2/20/16 Linux Mint downloads compromised Richard Kettlewell <rjk@greenend.org.uk> - 2016-02-21 16:06 +0000
  Re: 2/20/16 Linux Mint downloads compromised Yrrah <Yrrah-aolm@aolm.invalid> - 2016-02-21 17:40 +0100

csiph-web