Linux Lite Forums

General => Security & Bug Fixes => Topic started by: Scott on February 21, 2016, 09:20:44 AM

Title: Linux Mint ISOs & Forums Compromised
Post by: Scott on February 21, 2016, 09:20:44 AM
No need for panic but this is definitely newsworthy.  ~Scott

http://blog.linuxmint.com/?p=2994 (http://blog.linuxmint.com/?p=2994)

Update
Looks like the Mint forums were compromised as well.
http://blog.linuxmint.com/?p=3001
Title: Re: Linux Mint ISOs & Forums Compromised
Post by: rokytnji on February 21, 2016, 11:10:10 AM
If users bothered to md5sum check their downloaded isos against a good posted number.
Then they will know they have a bad iso.
Title: Re: Linux Mint ISOs & Forums Compromised
Post by: Jerry on February 21, 2016, 06:31:45 PM
Wordpress is a joke, worst CMS in the history on the interwebz.
I pentested a Wordpress site for a client the other day, a start up company in NZ. The results would shock you. I wish they'd come to me before going live. They asked me what they should do. My answer was blunt and unapologetic, "dump Wordpress, hand-code everything in php, html and css."
Title: Re: Linux Mint ISOs & Forums Compromised
Post by: Scott on February 21, 2016, 10:27:59 PM
Update
Looks like the Mint forums were compromised as well.
http://blog.linuxmint.com/?p=3001 (http://blog.linuxmint.com/?p=3001)
Title: Re: Linux Mint ISOs & Forums Compromised
Post by: torreydale on February 22, 2016, 09:07:26 AM
Three weeks ago I couldn't download the *.torrent file from their site (for Cinnamon or MATE editions), and that's the route the news article seems to suggest is safer at the moment.

The "good news" in this is that a Linux distro is seen as so popular that it's worth hacker attention. 
Title: Re: Linux Mint ISOs & Forums Compromised
Post by: LinuxNoob on February 22, 2016, 01:48:26 PM
  https://youtu.be/KMRwaQNs45k?t=32m45s (https://youtu.be/KMRwaQNs45k?t=32m45s)

I listen to JB sometimes and came across this thought I would share however it seems it's already been posted so here is a vlog about some info and commentary about this.

Enjoy
Title: Re: Linux Mint ISOs & Forums Compromised
Post by: LL-user on February 25, 2016, 07:49:42 PM
An update that might be important for anyone who has/had an Linux Mint Forums account:

The Linux Mint forum database was sold on January 16, a full month before users were made aware of a breach.

http://news.softpedia.com/news/linux-mint-forum-database-compromised-for-at-least-a-month-before-announcement-500901.shtml (http://news.softpedia.com/news/linux-mint-forum-database-compromised-for-at-least-a-month-before-announcement-500901.shtml)
Title: Re: Linux Mint ISOs & Forums Compromised
Post by: avj on February 25, 2016, 08:41:52 PM
Evidently ZDNet interviewed the hacker, and he claims he hacked the site twice the first time on January 28 and the second time on February 18.

Article at the following link.

http://www.zdnet.com/article/hacker-hundreds-were-tricked-into-installing-linux-mint-backdoor/
Title: Re: Linux Mint ISOs & Forums Compromised
Post by: nomko on February 27, 2016, 04:08:37 PM
How did that Zack Whittaker guy ended up with that hacker? If the hacker was a "lone wolf" nobody heard of or knew about, how did Zack Whittaker ended up with him? Unless he knows the hacker and knew he was doing... I don't believe that any hacker will call up some newspaper or magazine saying: he guys! i've hacked the Mint site and the forum! you know what, i vene hacked some other sites! wanna do an interview with me??