The Linux Mint team revealed today that their website was compromised and that the Linux Mint ISO images distributed from the official website on February 20, 2016 are unsafe.
According to a post on their blog, the intrusion took place on February 20 and was detected a little later. The official Linux Mint website is offline at the time of writing this article.
This means that the attackers only had a limited timeframe in which they would be able to distribute falsified ISO images.
The attackers managed to break into the website and take control of the download links, which means that one of the company's servers offered dangerous ISO images of Linux Mint.
The research team, after examining the dangerous distributions, found that the compromised version contains a backdoor that connects to a website hosted in Bulgaria.
They also found that only downloads of Linux Mint 17.3 Cinnamon seem to have been affected by the hack.
What is interesting here is that the torrent links were not affected; only the direct links on the Linux Mint website are vulnerable.
The reason is simple: popular torrents are distributed by various seeders all over the world in continuous circulation, so hackers are unable to manipulate the data, i.e. replace it with a hacked image.
If you downloaded Linux Mint on February 20 from the official website using direct links, or even earlier than February 20, and you want to make sure it is clean, you have the following options.
If you still have the ISO image available, you can check its signature (its MD5 checksum) to make sure it is valid. If you run Linux, use md5sum nameofiso.iso, for example md5sum linuxmint-17.3-cinnamon-64bit.iso
Windows users can use a program such as RekSFV or File Verifier to check the image they have in their hands.
The ISO image is clean if the signature matches one of the following:
6e7f7e03500747c6c3bfece2c9c8394f linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983 linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238 linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d linuxmint-17.3-cinnamon-oem-64bit.iso
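The check described above can be scripted. This is an added example, not part of the original article or of Linux Mint's own tooling. The names check_iso and KNOWN_GOOD and the optional second argument are assumptions made for illustration; the checksums are the ones listed in this article.

```shell
#!/bin/sh
# Known-good MD5 sums for Linux Mint 17.3 Cinnamon, copied from this article.
KNOWN_GOOD='6e7f7e03500747c6c3bfece2c9c8394f  linuxmint-17.3-cinnamon-32bit.iso
e71a2aad8b58605e906dbea444dc4983  linuxmint-17.3-cinnamon-64bit.iso
30fef1aa1134c5f3778c77c4417f7238  linuxmint-17.3-cinnamon-nocodecs-32bit.iso
3406350a87c201cdca0927b1bc7c2ccd  linuxmint-17.3-cinnamon-nocodecs-64bit.iso
df38af96e99726bb0a1ef3e5cd47563d  linuxmint-17.3-cinnamon-oem-64bit.iso'

# check_iso FILE [LIST]
# LIST (hypothetical, for testing) overrides the built-in checksum list.
# Returns 0 = on the list, 1 = not on the list, 2 = file cannot be read.
check_iso() {
    iso=$1
    list=${2:-$KNOWN_GOOD}
    if [ ! -r "$iso" ]; then
        echo "UNREADABLE $iso"
        return 2
    fi
    # md5sum prints "<hash>  <file>"; keep only the hash, lower-cased.
    sum=$(md5sum "$iso" | awk '{print tolower($1)}')
    # Compare on the hash alone so a renamed download is still recognised.
    match=$(printf '%s\n' "$list" | awk -v s="$sum" '$1 == s {print $2; exit}')
    if [ -n "$match" ]; then
        echo "CLEAN $iso ($sum matches $match)"
        return 0
    fi
    echo "SUSPECT $iso ($sum is not one of the published checksums)"
    return 1
}

# Check every path given on the command line, e.g.:
#   sh check_iso.sh ~/Downloads/*.iso
for f in "$@"; do
    check_iso "$f"
done
```

A SUSPECT result only means the file is not one of the five listed images; a different edition or a truncated download produces the same verdict.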
You can also check your network traffic if you no longer have access to the ISO image, for example because you have deleted it. The dangerous version of Linux Mint 17.3 connects to the site absentvodka.com (this may change, so check for any connections that do not match your traffic).
Obviously, if you downloaded the ISO image just yesterday, you can download a legitimate ISO again from the official site using the torrent links, delete the old installation, format, and install the new one.
This ensures that your system is clean and has no backdoor.
The two basic torrent files you may be interested in are:
