If you d/led Mint on this week read this

HairyMcbiker · ‎16-02-2009

Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our [Mint] website to point to it. As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition. Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.
Full story HERE
You know you are popular when the hackers start hacking your stuff

gleneagles · ‎02-08-2007

Thanks for flagging this up along with the link.
I downloaded and updated to 17.3 a few days ago so I am safe enough (I hope)
At least they have been quick in informing users and the checksum in your link should reassure users or confirm the worse.
Hopefully this will no be followed by further attacks on what is a great OS.

We are born into history and history is born into us.

VileReynard · ‎01-09-2007

I don't understand why the download site isn't static HTML with static MD5 checksums.
This could easily be a bullet-proof site - assuming people do simple MD5 checks against any downloads.
Interesting that Bit Torrent gives a non-hacked version.

"In The Beginning Was The Word, And The Word Was Aardvark."

Anonymous · ‎21-02-2016

It wouldn't make any difference as they hacked the site in the first place so nothing stopping them replacing the checksum on the page.

VileReynard · ‎01-09-2007

Quote
I’ll ask this question, without knowing the intrinsic details, or any specific details other than what has been posted above; did the breach have anything to do with the fact that you’re running WordPress?
Best wishes and thanks for the heads up.
Edit by Clem: Yes, the breach was made via wordpress. From there they got a www-data shell.

"In The Beginning Was The Word, And The Word Was Aardvark."

Anonymous · ‎21-02-2016

To be honest I didn't read the article, and I know nothing about wordpress, but I'll stick by my last post, until proved otherwise.
Corrected Typo.

DaveyH · ‎15-11-2012

Their forum database has been compromised too.
http://blog.linuxmint.com/?p=3001

DaveyH · ‎15-11-2012

The hacker responsible has been communicating with ZDNet to explain their motive
http://www.zdnet.com/article/hacker-hundreds-were-tricked-into-installing-linux-mint-backdoor/

HairyMcbiker · ‎16-02-2009

He/They call that a reason?
My email is common but the password for for that site only anyway. And I know it has been used by spammers before from the amount of spam it gets. I will retire it one day, when I remember where I use it '-)
Forums still down.
But on the have I been pawned site, the "biggest" sites:
Adobe logo 152,445,165 Adobe accounts
Ashley Madison logo 30,811,934 Ashley Madison accounts
000webhost logo 13,545,468 000webhost accounts
Gamigo logo 8,243,604 Gamigo accounts
Heroes of Newerth logo 8,089,103 Heroes of Newerth accounts
Nexus Mods logo 5,915,013 Nexus Mods accounts
Makes Mint's forum hack seem tiny by comparison.

DaveyH · ‎15-11-2012

The website is back up and running
http://www.linuxmint.com
Forums still down ATM though
http://forums.linuxmint.com
So presumably there will be an update on the blog soon, though nothing yet
http://blog.linuxmint.com

MatrixRob · ‎16-11-2015

The integrity checks for downloaded Linux ISO's SHOULD be compared with SHA256 and not MD5.
MD5 can be compromised/ hacked, even SHA-1 is more secure than MD5 Algorithms.
There are a few freebies online to check data integrity using SHA256
been using this one for years which works great.
http://download.cnet.com/MD5-SHA-Checksum-Utility/3000-2092_4-10911445.html

No problem can be solved from the same level of consciousness that created it.
Albert Einstein

Anonymous · ‎24-02-2016

If you already have Linux then these are of course already provided e.g. sha256sum and for Windows there is this :
https://gallery.technet.microsoft.com/PowerShell-File-Checksum-e57dcd67

HairyMcbiker · ‎16-02-2009

It doesn't really matter what you used as they changed the checksums as well.
But I tend to use downthemall in FF and put the checksum in the box at the bottom.

products42 · ‎25-03-2013

Quote from: Hairy

But on the have I been pawned site, the "biggest" sites:
Adobe logo 152,445,165 Adobe accounts
Ashley Madison logo 30,811,934 Ashley Madison accounts
000webhost logo 13,545,468 000webhost accounts
Gamigo logo 8,243,604 Gamigo accounts
Heroes of Newerth logo 8,089,103 Heroes of Newerth accounts
Nexus Mods logo 5,915,013 Nexus Mods accounts
Makes Mint's forum hack seem tiny by comparison.

"Have I been pwned ?" is a great resource to check whether your email has been harvested. It's worth checking your email address on it to see if you need to create a new one.

VileReynard · ‎01-09-2007

I'm on Adobe & Mint (forums).