Linux Compromised Again. Is the Source Code Still Safe?

News

Contributed by: Sonya Vasileva
Date: September 12, 2011

	4 Vote 0	Linux Compromised Again. Is the Source Code Still Safe?

Lately, Linux world was shaken by a number of hacker attacks. As a result of the latest one, LinuxFoundation.org, Linux.com, and their subdomains as well as kernel.org are down for maintenance.

Linux Foundation, the non-profit consortium, was the target of a breach that involves malware compromise. The websites are temporarily unavailable and the explanation given on the compromised websites is as follows:

"Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org. We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised.

If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information."

The most troubling part of the whole matter is that if a malware has gained full control over the server, even the login process should be considered untrustworthy. This means that even if passwords have never been written to disk, they could have been stolen from memory upon login.

The Linux Foundation team has given this e-mail: info@linuxfoundation.org for all users who might have questions regarding the situation.

As we informed you earlier this month, several servers, distributing and maintaining Linux operating system, were hacked at the end of August. The malware placed in them gained root access, particularly to a server called Hera, and then infected the rest. Earlier this year, the community version of Red Hat Enterprise Linux - the Fedora project , was also compromised.

It seems that Linux has recently become the usual target for successful hacker attacks. Let's hope that Linux team will be able to remove all problems and prevent future cybercrime of the type it faced so far this year.

Resources:
Linux Source Code Website – Hacked!

User Comments

Jack September 14, 2011

My dear - Linux was not compromised. The program source control server - used by the linux kernel programmers was compromised.

If linux itself was compromised then half the world would grind to a halt. You know how many routers and firewalls run Linux? The "hack" looks like its malware related - ie: someone got to leave a backdoor on their server and escalate themselves to admin level. This could have been done by someone walking into a datacenter and inserting a USB thumb drive with malware scripts - especially if someone left a console logged in as root.

But I am sure your headline gets you some hits! Just your journalistic depth seems to be a bit thin.

Top 10 Malware Threats

1.	Security Monitor
2.	Win 7 Home Security
3.	AV Protection 2012
4.	Privacy Protection
5.	Duqu Trojan
6.	Windows Monitor
7.	Win 7 Home Security
8.	Privacy Protection
9.	Cloud AV 2012

Most searched files

1.	vprot.exe
2.	GameXNGO.exe
3.	setup.ovr
4.	RosebudMUI.msi
5.	fp_ax_cab_installer.exe
6.	phoenix.exe
7.	InfDefaultInstall.exe
8.	AcroPro.msi
9.	FlashUtil11c_ActiveX.exe
10.	WinBootstrapper.msi

Newest files

1.	FlashUtil32_11_2_202_228_ActiveX.exe
2.	sisnicxp.sys
3.	NTIDrvr.sys
4.	int15.sys
5.	anbmServ.exe
6.	E_FATIADA.EXE
7.	HP_IZE.exe
8.	viaagp1.sys
9.	SISAGPX.sys
10.	R8139n51.SYS

Home Tips Downloads Videos Files Virus list Vulnerabilities

Home > Computer Security > Linux Compromised Again. Is the Source Code Still Safe?