Popular Linux distro hit by hacked version on official site over the weekend

Linux Mint

When you download an operating system, you certainly don't expect to be installing an altered version with a backdoor in place, but sadly this is what happened to some folks who downloaded a popular version of Linux over the weekend.

To be precise, we are talking about Linux Mint – specifically the 17.3 Cinnamon edition. As the makers of Mint announced in a blog post, what actually happened was a malicious party made a modified version of said OS (containing a backdoor) and hacked the official website to point to this compromised download.

The maliciously modified version was available for a time on Saturday (February 20) before the issue was discovered, so if you downloaded and installed Mint from the official site on that day, then you've got a problem (and if this was a machine with business data on, a potentially even bigger problem).

If you grabbed another version aside from Mint 17.3 Cinnamon edition, then you're fine, and equally if you downloaded from elsewhere other than the official website (say via torrents) then you're also okay.

If you're unsure about whether you're safe or not, as Clement Lefebvre, who is in charge of Linux Mint, advises, you can check the MD5 signature "with the command md5sum yourfile.iso (where yourfile.iso is the name of the ISO)."

The list of valid signatures is provided in Clem's blog post, and further advice is given on what action to take if you did install this backdoor-laden OS (take the PC offline, reinstall the OS or format the partition, and change any passwords you may have used on the machine).

Apparently the compromised ISO was loaded with Tsunami botnet malware.

Forum compromised

At the time the attack was discovered, Lefebvre said that it was traced to Bulgaria, but the motivation wasn't known. However, ZDNet later spoke to a lone hacker from Europe by the handle of 'Peace' who claimed to be responsible, and said they had successfully compromised a few hundred machines running Mint.

The hacker also claimed to have stolen a complete copy of the Mint website's forum on two occasions, containing personal information of users including birthdates, email addresses and passwords (although the latter were encrypted).

However, the passwords are in the process of being cracked by all accounts (simple passwords will be particularly susceptible to being brute-forced), so if you're a forum member, you should take action on that front too and change your password (and other instances of that password if you've used it elsewhere – of course, it goes without saying that's very bad security practice).

The Mint team was quick to respond to this whole incident, and transparent in dealing with it, although the fallout from the compromise is likely to be considerable in the short-term.

TOPICS

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).

Latest in Software & Services
TinEye website
I like this reverse image search service the most
A person in a wheelchair working at a computer.
Here’s a free way to find long lost relatives and friends
A white woman with long brown hair in a ponytail looks down at her computer in a distressed manner. She is holding her forehead with one hand and a credit card with the other
This people search finder covers all the bases, but it's not perfect
That's Them home page
Is That's Them worth it? My honest review
woman listening to computer
AWS vs Azure: choosing the right platform to maximize your company's investment
A person at a desktop computer working on spreadsheet tables.
Trello vs Jira: which project management solution is best for you?
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Close up of Leica M11-P viewfinder
I wince at the prospect of the rumored Leica M11-V – here's why
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time