Groups | Search | Server Info | Login | Register

Groups > comp.os.linux.security > #683

Re: 2/20/16 Linux Mint downloads compromised

Path csiph.com!weretis.net!feeder4.news.weretis.net!news.albasani.net!.POSTED!not-for-mail
From Johnny <johnny@invalid.net>
Newsgroups alt.os.linux.mint, comp.os.linux.security
Subject Re: 2/20/16 Linux Mint downloads compromised
Date Sun, 21 Feb 2016 06:14:27 -0600
Organization albasani.net
Lines 39
Message-ID <20160221061427.6994565f@jspc> (permalink)
References <nnd$1d3e6689$238e4bd5@695a3fabb9aa8c3c>
Mime-Version 1.0
Content-Type text/plain; charset=UTF-8
Content-Transfer-Encoding quoted-printable
X-Trace news.albasani.net brPzx7jfxKijhxuPWhwh6Dd7WFJC+Z0r3rIbMUnT4aonGNdi/aGR8yUUoUSqbDvugLLWS6szQijnntBF4HJ24A==
NNTP-Posting-Date Sun, 21 Feb 2016 12:14:27 +0000 (UTC)
Injection-Info news.albasani.net; logging-data="Rk4Z674kVD6m+buGW9+cCR5pVVvZTSEIOSVZuq72GQt2sFlWy6Wxo9qWTU6VgtujkArvFY6qY3h7Wck7UqNQpwAy+L8JbIa2GUdhsoGKRQXFimaH408urTjwrhC/doD2"; mail-complaints-to="abuse@albasani.net"
X-Newsreader Claws Mail 3.13.2 (GTK+ 2.24.23; x86_64-unknown-linux-gnu)
Face iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAIVBMVEXn6Ok+WJIBGFL+/v4DHVMABi8BFE0AD0Wgqr339/cXKlbmu8KRAAACa0lEQVQ4jZ3UMW/aQBQA4GdFlc6ZcJSAky0n6kZMlbKE0ZYTWWxEXInYQImJuoHAFzHhphSXyREL7oQlHFz/yr6zTQKJ2qFP8uD7/N49P50N538J+C9wld1QvXkKErs2wx1wlwKqUe0j75TNTVBbd5VHhAtHOUy2ExLdnf1GeDoJT5KdqCnRzTlUJU+p7cJKv7uZQ3WmfjfT+9DzMDXGSx/W9+DzVD3MIA4WrST5GZCVfilgYhXNVGIgrST0YTZoZ3BWFF3mUABYX7WjHGj6AhaQUSKD1HiBAwRvlULsw5FJTzOwDii1fDeFYyCOsQ1Y2sOuej5Mb+kLFCmtAEgPwWLpw9o0tkErkOg+8OVAuqY7GeX4x8AKMPbNLcA96PLZsAI/lhernQxst4GwGMnBDKH9klFRft1SK7hwCsGTQbXeOs84lYMPBj2bXwweZP9Qs9s5lO4BJmYKtTHs27yXlyq1AaYGllr0rwpAnvloA05LnRplARSfKfJRNna9xB2OzaSgYa0NnB5xhyrpIPu0vCSlZg5tAfEKX6vZocooYpuMnoBj16DUoBWytvmwtYGmg9Od4SHE8Sta9xWYcwZCaqoPxEC4yyBiTgGkcAxAkjF57g4br/DV5Vd1IE277n7pskZ64CZ17KPb7JR1kAbGJ2bzbeAdSnXYx5HbW3DJmgIq4wmCxoeswQR8698xxp0OLSdrXMcE1krBVS4ZpnBbs21qdzGB6Tm8jbDEbvag6mIlxvvZ+TUNsQdjsYCIicBiaWQ36hzOyUm+7nS5jZfAcIwfp+8m70KVxXdOvLe7e+O5+DNU4V3M//GT+QO30VYk3f//FQAAAABJRU5ErkJggg==
Cancel-Lock sha1:eaJcJVXEgnfJjsBtWK9TSjTTl20=
Xref csiph.com alt.os.linux.mint:19936 comp.os.linux.security:683

Cross-posted to 2 groups.

Show key headers only | View raw

On Sun, 21 Feb 2016 05:48:09 +0100
bleak_fire_ <penachew@yomomma.hot.invalid> wrote:

> http://blog.linuxmint.com/?p=2994
> 
> Quotes:
> 
> "Beware of hacked ISOs if you downloaded Linux Mint on February 20th!"
> 
> "We were exposed to an intrusion today. It was brief and it shouldn’t 
> impact many people, but if it impacts you, it’s very important you
> read the information below."
> 
> "Hackers made a modified Linux Mint ISO, with a backdoor in it, and 
> managed to hack our website to point to it."
> 
> "As far as we know, the only compromised edition was Linux Mint 17.3 
> Cinnamon edition."
> 
> "If you downloaded another release or another edition, this does not 
> affect you. If you downloaded via torrents or via a direct HTTP link, 
> this doesn’t affect you either."
> 
> "Finally, the situation happened today, so it should only impact
> people who downloaded this edition on February 20th."
> 
> "The hacked ISOs are hosted on 5.104.175.212 and the backdoor
> connects to absentvodka.com."
> 
> "Both lead to Sofia, Bulgaria, and the name of 3 people over there.
> We don’t know their roles in this, but if we ask for an
> investigation, this is where it will start."
> 

This would be a good time for Cinnamon users to try Douane Firewall.

https://github.com/Douane/Douane/wiki/Compilation

Back to comp.os.linux.security | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

2/20/16 Linux Mint downloads compromised bleak_fire_ <penachew@yomomma.hot.invalid> - 2016-02-21 05:48 +0100
  Re: 2/20/16 Linux Mint downloads compromised Johnny <johnny@invalid.net> - 2016-02-21 06:14 -0600
    Re: 2/20/16 Linux Mint downloads compromised Yrrah <Yrrah-aolm@aolm.invalid> - 2016-02-21 14:19 +0100
      Re: 2/20/16 Linux Mint downloads compromised Johnny <johnny@invalid.net> - 2016-02-21 10:22 -0600
        Re: 2/20/16 Linux Mint downloads compromised Yrrah <Yrrah-aolm@aolm.invalid> - 2016-02-21 17:44 +0100
          Re: 2/20/16 Linux Mint downloads compromised Caver1 <caver1@inthemud.org> - 2016-02-21 11:58 -0500
  Re: 2/20/16 Linux Mint downloads compromised Paul <nospam@needed.com> - 2016-02-21 08:43 -0500
    Re: 2/20/16 Linux Mint downloads compromised Richard Kettlewell <rjk@greenend.org.uk> - 2016-02-21 14:06 +0000
      Re: 2/20/16 Linux Mint downloads compromised Paul <nospam@needed.com> - 2016-02-21 09:37 -0500
        Re: 2/20/16 Linux Mint downloads compromised Richard Kettlewell <rjk@greenend.org.uk> - 2016-02-21 16:06 +0000
  Re: 2/20/16 Linux Mint downloads compromised Yrrah <Yrrah-aolm@aolm.invalid> - 2016-02-21 17:40 +0100

csiph-web