Contributed by: Sonya Vasileva
Date: September 12, 2011
Lately, Linux world was shaken by a number of hacker attacks. As a result of the latest one, LinuxFoundation.org, Linux.com, and their subdomains as well as kernel.org are down for maintenance.
Linux Foundation, the non-profit consortium, was the target of a breach that involves malware compromise. The websites are temporarily unavailable and the explanation given on the compromised websites is as follows:
"Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org. We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised.If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information."
The most troubling part of the whole matter is that if a malware has gained full control over the server, even the login process should be considered untrustworthy. This means that even if passwords have never been written to disk, they could have been stolen from memory upon login.
The Linux Foundation team has given this e-mail: firstname.lastname@example.org for all users who might have questions regarding the situation.
As we informed you earlier this month, several servers, distributing and maintaining Linux operating system, were hacked at the end of August. The malware placed in them gained root access, particularly to a server called Hera, and then infected the rest. Earlier this year, the community version of Red Hat Enterprise Linux - the Fedora project , was also compromised.
It seems that Linux has recently become the usual target for successful hacker attacks. Let's hope that Linux team will be able to remove all problems and prevent future cybercrime of the type it faced so far this year.
Linux Source Code Website – Hacked!