If you downloaded Linux Mint on Saturday, attackers might have a back door on your computer.
“Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it,” Clement Lefebvre, one of Mint’s creators, wrote in a blog post over the weekend (via Ars Technica). The post also recommended anyone running the corrupted system totally wipe their systems and change all of their online passwords.
The attack is specific to Linux Mint 17.3 Cinnamon edition, and only applies to people who downloaded that ISO from the website: BitTorrent users aren’t affected, and neither are Mint users who updated from previous versions using apt-get or other methods. But if you downloaded a Cinnamon ISO from the Mint website on Saturday, February 20, Lefebvre recommends taking action immediately.
“Delete the ISO,” Lefebvre wrote. “If you burnt it to DVD, trash the disc. If you burnt it to USB, format the stick.”
And if you actually installed the corrupted Mint version? The steps are even more severe. To quote Lefebvre, users should:
- Put the computer offline.
- Backup your personal data, if any.
- Reinstall the OS or format the partition.
- Change your passwords for sensitive websites (for your email in particular).
If you want to know if you’re infected, the blog post offers valid MD5 signatures for the installation ISOs.
It’s not known who carried out the attack, and what motivates the attackers, but the hacked ISOs were hosted by a server in Sofia, Bulgaria.
It hasn’t been a great couple of months for Linux’s security reputation. In December a bootloader bug revealed at a Polytechnic University Cybersecurity Group showed that you can hack most Linux distros by hitting the backspace key 28 times.
“If more efforts are made to attack our project and if the goal is to hurt us, we’ll get in touch with authorities and security firms to confront the people behind this,” wrote Lefebvre.
Every operating system has its share of vulnerabilities, and it’s good that Mint’s were noticed early. Here’s hoping the Mint team can get everything under control before any more corrupted ISOs are distributed.
- How to remove malware and viruses from your Android phone
- The best Linux distros for 2021
- From pranks to nuclear sabotage, this is the history of malware
- This real-time map of antivirus fails is roasting MalwareBytes’ competitors
- Researcher writes codeless exploit that bypasses Linux security measures