Linux.com Hacked


Recommended Posts

Following on the heels of a breach of kernel.org, the internet holding place for the Linux kernel, Linux.com and its related sites have been breached. Details of the attack are unknown at this time, but as of this writing I get a message from Linux.com telling me it's down for maintenance. Here is an e-mail I just received from the head-sheds at Linux.com, and below that is a screenshot of Linux.com as of right now.

  Quote
Attention Linux.com and LinuxFoundation.org users,

We are writing you because you have an account on Linux.com,

LinuxFoundation.org, or one of the subdomains associated with these domains.

On September 8, 2011, we discovered a security breach that may have

compromised your username, password, email address and other information you

have given to us. We believe this breach was connected to the intrusion on

kernel.org.

As with any intrusion and as a matter of caution, you should consider the

passwords and SSH keys that you have used on these sites compromised. If you

have reused these passwords on other sites, please change them immediately.

We are currently auditing all systems and will update public statements when

we have more information.

We have taken all Linux Foundation servers offline to do complete

re-installs. Linux Foundation services will be put back up as they become

available. We are working around the clock to expedite this process and are

working with authorities in the United States and in Europe to assist with

the investigation.

The Linux Foundation takes the security of its infrastructure and that of

its members extremely seriously and are pursuing all avenues to investigate

this attack and prevent future ones. We apologize for this inconvenience and

will communicate updates as we have them.

Please contact us at info@linuxfoundation.org with questions about this

matter.

The Linux Foundation

post-125978-0-73981200-1315780883.png

Link to comment
https://www.neowin.net/forum/topic/1024650-linuxcom-hacked/
Share on other sites

It's worth noting that despite the problems the sites are having, none of the kernel code has been compromised, so Linux is still perfectly safe to use.

====

On a sidenote, that is some epic huge spam right there.

ouch mozillazine could have a possibility to be affected:

take a look!

Domain mozillazine.org

Netblock owner Oregon State System of Higher Education

IP address 140.211.166.65

Domain linux.com

Netblock owner Oregon State System of Higher Education

IP address 140.211.169.32

same datacenter!!!!!!! NOT GOOD.

Wait, kernel.org was hacked last week too if i'm not mistake. We haven't gotten a new cyanogenmod in so long because the github repo couldn't sync with the source or something like that. Seems someone's out to get Linux (maybe it's Apple and Microsoft :shifty:)

So was Linux.com website using Linux server if it was hacked?

I guess this would disprove the theory that Linux is almost unhackable.

PS: Why would hackers want to hack a linux and open source website? I thought hackers liked Linux because its free and people contribute to it and its non profit unlinke MS and Apple.

  On 12/09/2011 at 00:08, nukenorman said:

So was Linux.com website using Linux server if it was hacked?

I guess this would disprove the theory that Linux is almost unhackable.

PS: Why would hackers want to hack a linux and open source website? I thought hackers liked Linux because its free and people contribute to it and its non profit unlinke MS and Apple.

Depending on the group, some hackers hack just to hack. Hackerleaks.tk, which was up just a month or so ago, was a website where people could go brag about their latest hack. They had posts where people had broken into the most random stuff, with no larger objective apparent.

Anything is hackable, with enough time and knowledge about your target. People who say Linux is "unhackable" are naive. I like it because it just works and is easier for me to manage and have positive control over, but it is by no means perfect or "unhackable".

  On 12/09/2011 at 00:08, nukenorman said:

PS: Why would hackers want to hack a linux and open source website? I thought hackers liked Linux because its free and people contribute to it and its non profit unlinke MS and Apple.

It's Sunday and script kiddies are bored - that's basically all the reason needed.

  On 12/09/2011 at 00:08, nukenorman said:

So was Linux.com website using Linux server if it was hacked?

I guess this would disprove the theory that Linux is almost unhackable.

PS: Why would hackers want to hack a linux and open source website? I thought hackers liked Linux because its free and people contribute to it and its non profit unlinke MS and Apple.

IIRC kernel.org was hacked because of a weak password and the guys who did it weren't actually targeting kernel.org, it probably just popped up in an automated scan.

Almost anything can be hacked, but if people use weak passwords and/or poor administration practices you don't even need to look for actual vulnerabilities on the platform. I know several medium/big companies where half of their HPUX servers have root passwords like "temporary" or "admin" *shrug*

So there's been an update posted to the page you get when you visit www.linux.com .

  Quote
Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org.

We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.

We apologize for the inconvenience. We are taking this matter seriously and appreciate your patience. The Linux Foundation infrastructure houses a variety of services and programs including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.

Please contact us at info@linuxfoundation.org with questions about this matter.

The Linux Foundation

*** UPDATE***

We want to thank you for your questions and your support. We hope this FAQ can help address some of your inquiries.

Q: When will Linux Foundation services, such as events, training and Linux.com be back online?

Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way.

Q: Were passwords stored in plaintext?

The Linux Foundation does not store passwords in plaintext. However an attacker with access to stored password would have direct access to conduct a brute force attack. An in-depth analysis of direct-access brute forcing, as it relates to password strength, can be read at http://www.schneier.com/blog/archives/2007/01/choosing_secure.html. We encourage you to use extreme caution, as is the case in any security breach, and discontinue the use of that password if you re-use it across other sites.

Q: Does my Linux.com email address work?

Yes, Linux.com email addresses are working and safe to use.

Q: What do you know about the source of the attack?

We are aggressively investigating the source of the attack. Unfortunately, we can't elaborate on this for the time being.

Q: Is there anything I can do to help?

We want to thank everyone who has expressed their support while we address this breach. We ask you to be patient as we do everything possible to restore services as quickly as possible.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.