Linux Mint Website Hack: A Timeline of Events


Recommended Posts

  Quote
Last night, the Linux Mint team announced that someone had hacked their servers and started pointing user downloads to malicious ISO images for the Linux Mint 17.3 Cinnamon edition. Our Linux editor already covered the initial details of the attack, which we recommend reading before going forward with this article.

 

Since then, in the last ten hours, the Linux and infosec communities have been working hard to investigate what happened and how the hackers operated. While most of the details have been uncovered, people are still debating about the hackers' point of entry.

 

Linux Mint Team: They hacked us via our WordPress site

 

The first to provide an answer was Clement Lefebvre, leader of the Linux Mint project, who acknowledged in a comment on the official announcement that the initial point of entry was their WordPress blog.

 

In this scenario, the hackers managed to escalate their access to the underlying server and finally get shell access to www-data. From here they modified the Linux Mint download page to point to a malicious FTP server hosted in Bulgaria (IP: 5.104.175.212).

 

The Linux Mint team discovered the issue, cleaned up the links from their site, announced the data breach on their blog, and then it appears that the hackers re-compromised the download page again.

 

During the second compromise, all Linux Mint download mirrors were pointing to the same Bulgarian FTP IP

 

Seeing that they've failed to eliminate the hackers' true point of entry, the Linux Mint team decided to take down the entire linuxmint.com domain to avoid the ISO images from spreading to users that had not seen its security alert.

 

 

 

 

 

 

 

http://news.softpedia.com/news/linux-mint-website-hack-a-timeline-of-events-500719.shtml

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Recent Achievements

    • One Month Later
      Orpheus13 earned a badge
      One Month Later
    • Week One Done
      Orpheus13 earned a badge
      Week One Done
    • One Year In
      Orpheus13 earned a badge
      One Year In
    • Week One Done
      serfegyed earned a badge
      Week One Done
    • Week One Done
      fashionuae earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      519
    2. 2
      ATLien_0
      261
    3. 3
      +FloatingFatMan
      202
    4. 4
      +Edouard
      168
    5. 5
      Xenon
      122
  • Tell a friend

    Love Neowin? Tell a friend!