Linux Mint came with a dash of malware over the weekend

If you downloaded Linux Mint on Saturday, attackers might have a back door on your computer.

“Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it,” Clement Lefebvre, one of Mint’s creators, wrote in a blog post over the weekend (via Ars Technica). The post also recommended anyone running the corrupted system totally wipe their systems and change all of their online passwords.

The attack is specific to Linux Mint 17.3 Cinnamon edition, and only applies to people who downloaded that ISO from the website: BitTorrent users aren’t affected, and neither are Mint users who updated from previous versions using apt-get or other methods. But if you downloaded a Cinnamon ISO from the Mint website on Saturday, February 20, Lefebvre recommends taking action immediately.

“Delete the ISO,” Lefebvre wrote. “If you burnt it to DVD, trash the disc. If you burnt it to USB, format the stick.”

And if you actually installed the corrupted Mint version? The steps are even more severe. To quote Lefebvre, users should:

  • Put the computer offline.
  • Backup your personal data, if any.
  • Reinstall the OS or format the partition.
  • Change your passwords for sensitive websites (for your email in particular).

If you want to know whether you’re infected, the blog post offers the valid MD5 checksums for the installation ISOs, so you can compare them against the file you downloaded.
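As an added example (not from the Mint blog post or this article), the comparison can be scripted: the sketch below hashes an ISO in chunks and checks it against a list in `md5sum` format. The file names and digests are constructed stand-ins, and the list is assumed to come from a channel you trust; the real values are the ones published in the blog post.

```python
import hashlib
import os
import tempfile

def parse_md5_list(text):
    """Parse md5sum-style lines ('<32 hex digits>  <filename>') into a dict."""
    known = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        digest, name = parts[0].lower(), parts[1].strip().lstrip("*")
        if len(digest) == 32 and all(c in "0123456789abcdef" for c in digest):
            known[name] = digest
    return known

def md5_of_file(path, chunk_size=1 << 20):
    """Hash in 1 MiB chunks so a multi-gigabyte ISO is never held in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def check_iso(path, known):
    """Return 'match', 'MISMATCH' or 'unlisted' for the ISO at path."""
    name = os.path.basename(path)
    if name not in known:
        return "unlisted"  # no published value: treat the file as unverified
    return "match" if md5_of_file(path) == known[name] else "MISMATCH"

def demo():
    """Run the check on constructed stand-in files (not real Mint ISOs)."""
    clean = b"constructed clean image bytes"
    files = {"example-good.iso": clean,
             "example-tampered.iso": clean + b" plus extra bytes",
             "example-other.iso": clean}
    digest = hashlib.md5(clean).hexdigest()
    # Constructed list in md5sum format; real values come from the blog post.
    published = f"{digest}  example-good.iso\n{digest} *example-tampered.iso\n"
    known = parse_md5_list(published)
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, data in files.items():
            path = os.path.join(d, name)
            with open(path, "wb") as f:
                f.write(data)
            results[name] = check_iso(path, known)
    return results
```

A `MISMATCH` or `unlisted` result means the file should not be installed from.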

It’s not known who carried out the attack or what motivated the attackers, but the hacked ISOs were hosted by a server in Sofia, Bulgaria.

It hasn’t been a great couple of months for Linux’s security reputation. In December a bootloader bug revealed at a Polytechnic University Cybersecurity Group showed that you can hack most Linux distros by hitting the backspace key 28 times.

“If more efforts are made to attack our project and if the goal is to hurt us, we’ll get in touch with authorities and security firms to confront the people behind this,” wrote Lefebvre.

Every operating system has its share of vulnerabilities, and it’s good that Mint’s were noticed early. Here’s hoping the Mint team can get everything under control before any more corrupted ISOs are distributed.

Justin Pot
Former Digital Trends Contributor