
Tampered Linux Mint ISO Linked on Official Website

Liviu ARSENE

February 22, 2016


A hacker posted a tampered Linux Mint 17.3 Cinnamon edition on the official website on February 21, bundling a backdoor into the ISO that would have allowed attackers to gain remote access to infected systems via IRC servers.


The attacker goes by the alias “Peace,” and it is believed that the Tsunami backdoor had been used in an attempt to build a botnet.

“Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it,” said Clem Lefebvre, creator of the Linux Mint distribution. “Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.”

The attacker also claimed to have copied the official website's forum twice, gaining access to some personally identifiable information, such as passwords, email addresses, and birthdates. The dump was allegedly posted on the Dark Web for 0.197 bitcoin, which is about $85 per download.

He claimed it all started with him “just poking around,” and said he found a vulnerability that gave him authorized access to the website and let him replace the download with his own tampered ISO. Using a server in Bulgaria, Peace planted his ISO and added the mirror to the hacked website.

While the hacker's motivation seems to have been “just having access in general,” it is still unclear how many users downloaded the tampered Linux distribution. One way to find out whether you downloaded the right Linux Mint distribution is to compare your ISO's MD5 signature with the one displayed on the official website.

“If you still have the ISO file, check its MD5 signature with the command ‘md5sum yourfile.iso’ (where yourfile.iso is the name of the ISO),” said Lefebvre.

Those of you who have already installed the tampered ISO on your machine are encouraged to put your computers offline, back up any stored data, reinstall the OS using the official ISO, and change all passwords as an extra precaution.
