Target: Linux Mint

“the breach was made via wordpress. From there they got a www-data shell”
 
See “Beware of hacked ISOs if you downloaded Linux Mint on February 20th!” on The Linux Mint Blog.
Linux Mint is still tiny compared to Debian and other older distros. Their tiny resources bit them recently: a compromise of the blog led to misleading links to downloads. A day later, their server is still offline.

UPDATE: See also “It looks like the forums were also compromised in the hack”. That’s what happens when bad guys are given control of everything.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.

4 Responses to Target: Linux Mint

  1. oiaohm says:

    kurkosdr you cannot have it both ways.
    https://codex.wordpress.org/Configuring_Automatic_Background_Updates

    Yes, WordPress provides means to auto-update. Also provides means to disable automatic updates. You have complained about Windows 10 not allowing users to skip particular updates due to issues.

    Ubuntu requiring sudo accounts to apply security patches? No prob.
    Windows Update in XP and before, if attempted to be run manually by limited or guest account privilege, failed as well. If you have a PackageKit-supporting package manager under Ubuntu, i.e. Ubuntu store, users can be applied to apply updates without requiring sudo login. OK, it might appear to be a sudo login because a polkit comes up and asks for an admin user's password, but it's not sudo. Any admin user can be used at that point.

    There is a misunderstanding between what is a polkit action on Ubuntu and what is a sudo action.

  2. kurkosdr says:

    Isn’t WordPress supposed to auto-update itself and its plugins?

    I am always surprised how FOSSies will whine about IE6 walking the internet even after IE7 was sent as an important update, which was a case of users disabling the auto-update despite the OS warnings.

    Meanwhile… Ubuntu requiring sudo accounts to apply security patches? No prob. WordPress failing to update? No prob.

  3. dougman says:

    Well, this was rather sneaky, but at least it was caught. Attempting to proffer a tainted ISO for Linux is not an ideal methodology, as the MD5 sum change can be easily viewed.

    These idiots are better off using Windows ransomware, as at least the payout is far better.

    http://fortune.com/2016/02/18/hollywood-hospital-hackers-computer-system/

    https://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx
