Have you downloaded Linux Mint on February 20th? If yes, then you have been infected. Linux Mint is one of the best and popular Linux distros nowadays, but if you have downloaded and installed operating system recently then you might have done using malicious ISO image.
Some unknown hackers had managed to hack into Linux Mint website and replaced download links on the site with malicious ISO images.
“Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it,” the head of Linux Mint project Clement Lefebvre said in announcement made on February 21, 2016.
Recommended for you: GNU C Library Flaw Puts Linux Apps and Machines at Risk
Who are affected?
According to Linux Mint, the issue only affects Linux Mint 17.3 Cinnamon edition, and people who downloaded this version of Linux Mint on February 20th are impacted. So, if you have downloaded the Cinnamon edition before Saturday 20th, February, then issue does not affect you.
What had happened?
Hackers have accessed the underlying server via team’s WordPress blog and got shell access to www-data. The hackers then manipulated the Linux Mint download page and redirected it to malicious FTP (File Transfer Protocol) server hosted in Bulgaria.
Hackers selling Linux Mint website’s database
The hackers are selling Linux Mint website’s database for $85. This hack seems to be a work of some script kiddies.
How to protect your Linux machine
To check whether you have downloaded infected version, you can compare MD5 signature with the official versions. If you found that you have downloaded infected version, you are advised to follow these steps:
- Take computer offline
- Backup all your data
- Reinstall the operating system
- Change passwords for emails and sensitive websites