Notice: wp_add_inline_style was called incorrectly. Do not pass style tags to wp_add_inline_style(). Please see Debugging in WordPress for more information. (This message was added in version 3.7.) in /home/atechlab/public_html/wp-includes/functions.php on line 3622
Home , Hacking , Linux Mint website compromised and ISO links replaced by Trojan OS
Linux Mint website compromised and ISO links replaced by Trojan OS

Linux Mint website compromised and ISO links replaced by Trojan OS

!WARNING – WARNING -WARNING!

 Linux Mint website compromised and ISO links replaced by Trojan OS

!WARNING – WARNING -WARNING!

 

What is Linux Mint :

Linux Mint website compromised and ISO links replaced by Trojan OS
Linux Mint GUI
Linux Mint is a  Linux distribution based on community-driven and  Debian and Ubuntu that strives to be a modern, elegant and comfortable operating system which is both powerful and easy to use. It is one of the most popular Distros of Linux, that is widely used by the millions of people all around the world.
 Linux Mint website compromised and ISO links replaced by Trojan OS
Core Cause :

The Linux mint website got exposed to an intrusion on sunday 21-02-2016.The hacker got into the internal admin area of website and modified the download link of the current version of Linux Mint ISO file! Although it was brief and it shouldn’t impact many people,but must read the information given below.

What happened?

Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack Linux website to point to it.

Linux Mint website compromised and ISO links replaced by Trojan OS

 

Does this affect you?

  • Only Linux Mint 17.3 Cinnamon edition was compromised.
  • So, If you downloaded another versions, this does not affect you.
  • Those who downloaded this edition on February 20th would be affected.

 

How to check if your ISO is backdored?

 

You can check your ISO file for the surety of consistency of ISO file ,to do this check the MD5 signature with the command “md5sum yourfile.iso”

(where yourfile.iso is the name of the ISO).

 

The valid signatures are below:(Data has been given here is from the Official Site)

6e7f7e03500747c6c3bfece2c9c8394f  linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983  linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238  linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd  linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d  linuxmint-17.3-cinnamon-oem-64bit.iso

 

 

Or, If you have the burnt DVD or USB stick, OUR SUGGESTION IS : PLEASE REMOVE IT and BURN AGAIN.

 

The  file in  : /var/lib/man.cy, then this is an infected ISO.

 

What to do if you are affected?

If you installed this ISO on a computer:

  • Disconnect the computer fro Internet.
  • Move or  Backup your personal data to an external storage.
  • Reinstall the OS or format the partition.
  • Change your passwords for sensitive websites (for your email in particular).

 

 

Is everything back to normal now?

No.not at all Linux Mint guys are still fixing the problem with servers.

 

Who did that?

The hacked ISOs are hosted on 5.104.175.212 and the backdoor connects to absentvodka.com.

Both lead to Sofia, Bulgaria, and the name of 3 people over there.Their roles in this is not cleared.

The motivation behind this attack is still unknown.

 

Hackers Selling Linux Mint Website’s Database

The hackers are selling the Linux Mint full website’s database for a just $85 . Click here to see the novice act!

 

You can read more at the Official blog : Linux Mint 

About Abhishek Gautam

I am a technology enthusiastic, Researcher, Computer Engineer as well as the mind behind the atechlab.net – The Ultimate Cyber Tech Lab!

Check Also

Major Encryption and Hashing techniques used for Web Security

Major Encryption and Hashing techniques used for Web Security

Major Encryption and Hashing techniques used for Web Security Encryption is one of the main …

Leave a Reply

Your email address will not be published. Required fields are marked *

Watch Dragon ball super


Notice: Undefined index: efbl_enable_popup in /home/atechlab/public_html/wp-content/plugins/easy-facebook-likebox/public/easy-facebook-likebox.php on line 379

Notice: Undefined index: efbl_enable_popup in /home/atechlab/public_html/wp-content/plugins/easy-facebook-likebox/public/easy-facebook-likebox.php on line 379