Linux Mint distributions have been compromised

    The developers of one of the well-known Linux distributions called Mint reported on the blog that their server was compromised, and the ISO distributions of the OS were modified (backdoored). It is indicated that it is worth paying attention to the distributions downloaded from the download server on February 20. According to the developers, the distribution package of the Linux Mint 17.3 Cinnamon version turned out to be compromised.



    Malicious distributions were hosted at IP address 5.104.175.212, and the backdoor itself is accessed at the URL absentvodka.com. Below are instructions for checking the downloaded distribution.

    To check the downloaded distribution, you should compare its sum MD5 with the corresponding value of the legitimate distribution.

    6e7f7e03500747c6c3bfece2c9c8394f linuxmint-17.3-cinnamon-32bit.iso
    17.3 linuxmint-e71a2aad8b58605e906dbea444dc4983-cinnamon-64bit.iso
    30fef1aa1134c5f3778c77c4417f7238 linuxmint-17.3-cinnamon-nocodecs-32bit.iso
    3406350a87c201cdca0927b1bc7c2ccd linuxmint-17.3-cinnamon-nocodecs-64bit.iso
    df38af96e99726bb0a1ef3e5cd47563d linuxmint-17.3-cinnamon-oem-64bit.iso

    In embodiment malicious distribution also indicates the presence of the /var/lib/man.cy file in the installed OS. If a malicious version is installed, disconnect the computer from the network, back up the necessary data, and reinstall the OS. After that, it is recommended that you change the credentials of your services.

    Also popular now: