Linux Mint website hacked, hackers replace ISOs with modified versions planted with a backdoor
[url]http://arstechnica.com/security/2016/02/linux-mint-hit-by-malware-infection-on-its-website-and-forum-after-hack-attack/[/url]

[QUOTE]Linux Mint forum users, and anyone who downloaded and installed a copy of the 17.3 Cinnamon edition on Saturday have probably been compromised by hackers and need to take action immediately, the distro's creator has warned.

Clem Lefebvre confirmed in a blog post that the "intrusion" had taken place over the weekend. He said: "Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it."[/QUOTE]

[url]http://blog.linuxmint.com/?p=2994[/url]

[quote]I’m sorry I have to come with bad news. We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below.

What happened?
Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it.

Does this affect you?
As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition. If you downloaded another release or another edition, this does not affect you. If you downloaded via torrents or via a direct HTTP link, this doesn’t affect you either. Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.[/quote]
And to think I was curious about Linux and COULD have installed this. Thank god I'm too lazy.
This is just another nail in the coffin for Linux. Linux doesn't get viruses yo!
Whattt, pure genius
That's a lot of effort. The hack is one thing, but adding a backdoor to the ISO and making people download that. Somehow that's pretty clever.
Compromised through Wordpress, unsurprisingly.
[QUOTE=TheCreeper;49794417]This is just another nail in the coffin for Linux. Linux doesn't get viruses yo![/QUOTE] Linux can't get viruses, but it can get bugs and exploits which can be abused to illegitimately gain access.
[QUOTE=TheCreeper;49794417]This is just another nail in the coffin for Linux. Linux doesn't get viruses yo![/QUOTE] This is 100% not a virus though. It's a backdoor exploit first of all, and it's not "Linux" that suffered it, but one distro due to shoddy security in the providing website rather than the distro itself. Linux still isn't likely to catch on any time soon, but this isn't really a mark against it, more a mark against the Mint devs for not being more on top of that shit. When you provide one of the biggest distros out there, you should really be aiming for top-tier security of your servers.
[QUOTE=DrDevil;49794493]Linux can't get viruses, but it can get bugs and exploits which can be abused to illegitimately gain access.[/QUOTE] There's a difference between isn't likely to, and isn't capable of. Linux is most certainly capable. No system is invulnerable to attack. That's crypto 101.
Man, I just tried Mint/Cinnamon last month, really liked it too. As of now, the main site is down. Nobody's getting any ISOs right now.
I guess it can't get viruses if you decide to categorize worms, rootkits, and privilege escalations as a separate thing.
People need to understand that the concept of a digital system that cannot be exploited or compromised simply does not exist in the real world. It is possible for one system to be more secure than another, certainly. It is also possible for a system to be a less enticing target, as is the case with Apple and Linux due to Windows' comparatively massive market share. But when the chips are down, it's possible for an exploit to be found in anything. Now, I do have more faith in the fundamental security of Linux over Windows due to the sane and transparent structure of the whole thing, but that's a can of worms that's probably not worth opening. This discussion is made particularly silly, however, by the fact that it probably wasn't the Mint operating system that was compromised, but whatever server they were hosting the images on. Which, to be fair, was probably running some flavor of Linux. It might have been poor coding in their web server or something related to it that caused the breach rather than the operating system itself, but regardless, like I said, anything with a flaw can be compromised.
[QUOTE=Adzter;49794474]Compromised through Wordpress, unsurprisingly.[/QUOTE] I want to feel sorry for them... But I can't.
[QUOTE=DrDevil;49794493]Linux can't get viruses, but it can get bugs and exploits which can be abused to illegitimately gain access.[/QUOTE] Anything that is capable of executing code of some sort can get a virus.
[QUOTE=DrDevil;49794493]Linux can't get viruses, but it can get bugs and exploits which can be abused to illegitimately gain access.[/QUOTE] I don't see how Linux is any safer than Windows. If anything, Windows is more safer to use than Linux because Linux is "open source". Linux is just a fad...
[QUOTE=TheCreeper;49795206]Linux is just a fad...[/QUOTE] Shots fired
[QUOTE=TheCreeper;49795206]I don't see how Linux is any safer than Windows. If anything, Windows is more safer to use than Linux because Linux is "open source". Linux is just a fad...[/QUOTE] Exactly. I'd rather be dead than caught using any sort of Linux based system.
From what I heard, the hackers took advantage of Wordpress to re-route the download page's traffic to their own server, which had their own modified ISO of Mint with a backdoor. And only the Cinnamon version. If you used torrents, alternate desktop flavors, whatever, you most likely didn't have the backdoored version. People are right that you should never trust any software to be "unhackable", but the only thing that was really compromised in this case was Wordpress and the devs' judgements. Also, you can check MD5 hashes to see if your version is legitimate too.
[QUOTE=TheCreeper;49795206]I don't see how Linux is any safer than Windows. If anything, Windows is more safer to use than Linux because Linux is "open source". Linux is just a fad...[/QUOTE]I heard they don't even have thumbnails for their file-picker yet
[QUOTE=TheCreeper;49795206]I don't see how Linux is any safer than Windows. If anything, Windows is more safer to use than Linux because Linux is "open source". Linux is just a fad...[/QUOTE] It's due to the exact opposite reason why Windows generally has more vulnerabilities than any Linux distro. Security through obscurity doesn't aid anybody, it doesn't help the developer as malicious users can find vulnerabilities and never report them, using them to their whim, while if the code is open source, any user, malicious or not, can find these vulnerabilities. By the mere fact that more people are aware of the vulnerabilities, they become easier to fix or patch. Linux practices algorithmic security, that is, its components are safe by design. Even if everyone knows how they work, they know they cannot bypass them due to those algorithms being secure by its very nature. What the hackers did is exploit the people, not the OS. To be affected by this backdoor you would have to install a new version of the OS that contains it, it's impossible for a person owning Linux Mint to acquire it without their knowledge, and in fact, by checking MD5 hashes, you would likely be able to check if the ISO you downloaded has been tampered or not. This would be the equivalent of people pirating Windows, and installing a version of the OS that contains a backdoor that they can never remove, nor detect. Since the source you acquired the ISO from is unofficial, or rather not to be trusted, you may be vulnerable for attack without you even knowing. And if statistics mean anything, that means roughly 20% of the Windows users reading this very thread are very likely to have a backdoor or a trojan in their system, compared to the, what, maybe a thousand users total who downloaded Linux Mint Cinnamon on Saturday.
[QUOTE=Big Bang;49795970]It's due to the exact opposite reason why Windows generally has more vulnerabilities than any Linux distro. Security through obscurity doesn't aid anybody, it doesn't help the developer as malicious users can find vulnerabilities and never report them, using them to their whim, while if the code is open source, any user, malicious or not, can find these vulnerabilities. By the mere fact that more people are aware of the vulnerabilities, they become easier to fix or patch. Linux practices algorithmic security, that is, its components are safe by design. Even if everyone knows how they work, they know they cannot bypass them due to those algorithms being secure by its very nature. What the hackers did is exploit the people, not the OS. To be affected by this backdoor you would have to install a new version of the OS that contains it, it's impossible for a person owning Linux Mint to acquire it without their knowledge, and in fact, by checking MD5 hashes, you would likely be able to check if the ISO you downloaded has been tampered or not. This would be the equivalent of people pirating Windows, and installing a version of the OS that contains a backdoor that they can never remove, nor detect. Since the source you acquired the ISO from is unofficial, or rather not to be trusted, you may be vulnerable for attack without you even knowing. And if statistics mean anything, that means roughly 20% of the Windows users reading this very thread are very likely to have a backdoor or a trojan in their system, compared to the, what, maybe a thousand users total who downloaded Linux Mint Cinnamon on Saturday.[/QUOTE] *cough* [thumb]http://i.imgur.com/u4p6Qc5.png[/thumb]
I'm pretty sure he's just trolling.
[QUOTE=Big Bang;49795970]It's due to the exact opposite reason why Windows generally has more vulnerabilities than any Linux distro. Security through obscurity doesn't aid anybody, it doesn't help the developer as malicious users can find vulnerabilities and never report them, using them to their whim, while if the code is open source, any user, malicious or not, can find these vulnerabilities. By the mere fact that more people are aware of the vulnerabilities, they become easier to fix or patch. Linux practices algorithmic security, that is, its components are safe by design. Even if everyone knows how they work, they know they cannot bypass them due to those algorithms being secure by its very nature. What the hackers did is exploit the people, not the OS. To be affected by this backdoor you would have to install a new version of the OS that contains it, it's impossible for a person owning Linux Mint to acquire it without their knowledge, and in fact, by checking MD5 hashes, you would likely be able to check if the ISO you downloaded has been tampered or not. This would be the equivalent of people pirating Windows, and installing a version of the OS that contains a backdoor that they can never remove, nor detect. Since the source you acquired the ISO from is unofficial, or rather not to be trusted, you may be vulnerable for attack without you even knowing. And if statistics mean anything, that means roughly 20% of the Windows users reading this very thread are very likely to have a backdoor or a trojan in their system, compared to the, what, maybe a thousand users total who downloaded Linux Mint Cinnamon on Saturday.[/QUOTE] A funny argument people have brought up before is that because more vulnerabilities are recorded for Linux than for Windows, it must be less secure. The reality is all those things get found and fixed fast, whereas stuff in Windows just sits there for years and years, barely hidden, just nobody but those with malicious intent looks.
[QUOTE=pentium;49796077]I'm pretty sure he's just trolling.[/QUOTE] Well, if his user agent is to be believed then he's just shitposting, but that didn't stop me from having a minor aneurysm :hammered: [editline]23rd February 2016[/editline] [QUOTE=Big Bang;49795970]And if statistics mean anything, that means roughly 20% of the Windows users reading this very thread are very likely to have a backdoor or a trojan in their system[/QUOTE] Hope you're happy, you just convinced me to remote boot my PC to run a scan at 12:45am :unimpressed:
[QUOTE=Big Bang;49795970]and in fact, by checking MD5 hashes, you would likely be able to check if the ISO you downloaded has been tampered or not. [/QUOTE] If they were able to change the link on the site they simply would have placed a new hash. Better would be signing the ISOs but gpg is a bit more of a hassle than the dozens of utilities around for hashes...
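The point made in the post above, that a checksum published on the same compromised site proves nothing, shown as an added example that is not part of the thread. The file name and image bytes are constructed, SHA-256 stands in for the MD5 mentioned in the thread, and the "pinned" listing is assumed to come from a channel the web server does not control.

```python
import hashlib
import hmac
import io

def file_digest(stream, algo="sha256", chunk=1 << 20):
    """Hash a file-like object in chunks so a multi-GB ISO never sits in memory."""
    h = hashlib.new(algo)
    for block in iter(lambda: stream.read(chunk), b""):
        h.update(block)
    return h.hexdigest()

def parse_listing(text):
    """Parse sha256sum/md5sum-style lines: '<hex>  <name>' or '<hex> *<name>'."""
    table = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2:
            table[parts[1].lstrip("*")] = parts[0].lower()
    return table

def verify(stream, name, listing_text, algo="sha256"):
    """True only if the listing names the file and the digests match."""
    expected = parse_listing(listing_text).get(name)
    if expected is None:
        return False  # a file missing from the listing is a failure, not a pass
    return hmac.compare_digest(file_digest(stream, algo), expected)

# Constructed stand-ins for the real image and the swapped one.
NAME = "example.iso"
GENUINE = b"constructed genuine image bytes"
TAMPERED = GENUINE + b" plus constructed extra payload"

def listing_for(data, name=NAME):
    return f"{hashlib.sha256(data).hexdigest()}  {name}\n"

# Assumption: recorded from a channel the compromised web server cannot edit.
PINNED_LISTING = listing_for(GENUINE)
# A site that serves a swapped image can regenerate its checksum page too.
SITE_LISTING = listing_for(TAMPERED)

def demo():
    same_origin = verify(io.BytesIO(TAMPERED), NAME, SITE_LISTING)
    independent = verify(io.BytesIO(TAMPERED), NAME, PINNED_LISTING)
    genuine = verify(io.BytesIO(GENUINE), NAME, PINNED_LISTING)
    return same_origin, independent, genuine

if __name__ == "__main__":
    print(demo())
```

The tampered image passes against the checksum served beside it and fails only against the independently held one; a signature checked against a key kept off the web server gives the same separation without pinning each release.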
Not to mention MD5 is a shit hash algorithm and can easily be tampered to produce collisions.
[QUOTE=Matthew0505;49796915]I thought they used it for random corruption, not security.[/QUOTE] Yes. That's why I'm saying it would be easier to just engineer a file that matches the hash on the original site than to hijack the original site if it has better security than the download site.
Anyone that thinks Linux is secure needs reminding that Android is on top of a Linux kernel. Linux-based OS variants absolutely can have viruses and absolutely can be exploited for root access.
[QUOTE=TheCreeper;49795206]I don't see how Linux is any safer than Windows. If anything, Windows is more safer to use than Linux because Linux is "open source". Linux is just a fad...[/QUOTE] [img]https://facepunch.com/fp/browser/linux.png[/img] Is this extreme sarcasm, threadshitting or both?
[QUOTE=Matthew0505;49797487]The kernel security doesn't help when apps are coded in Java, or when there's a clusterfuck of manufacturers giving updates 2 years late.[/QUOTE] Are you saying that an OS has potential security vulnerabilities? Kernel security doesn't help when you use an OS and not just a kernel.