Timeline Of Events: Linux Mint Website Hack That Distributed Malicious ISOs (softpedia.com)
An anonymous reader writes: The Linux Mint website was hacked last night and was pointing to malicious ISOs that contained an IRC bot known as TSUNAMI, used as part of an IRC DDoSing botnet. While the Linux Mint team says they were hacked via their WordPress site, security experts have discovered that their phpBB forum database was put up for sale on the Dark Web at around the same time as the hack. Also, it seems that after the Linux Mint team cleaned their website, the hackers reinfected it, which caused the developers to take it down altogether.
Remember that such an exploit is merely a way to create zombies, and a huge botnet of thousands and thousands of active zombies can be rented for a few dollars per hour. It's not a very lucrative market when you consider the labor and risk involved.
That explains why those hackers who got caught by the FBI a few years ago were immensely thrilled when they made $7,000 in bitcoins.
lucm, indeed.
If the website is compromised the md5 sums available for download on the same website are highly likely to be compromised, too...
Now WP and PHP are going to get tons of flak, once again.
To put things into perspective: WordPress has north of 100 Million active installs. It powers more than a fourth of the entire web. That's orders of magnitude more than any other system on the planet ever has. For that, WP has an excellent security track record with the last new exploit infecting roughly 8000 websites. Once again of that type that weren't following basic security procedures.
Using WP for a high-profile, high traffic website such as Linux Mint may be questionable due to load issues alone, but it is doable if you follow just the simplest security principles - such as disabling the login page, using non-standard garbled logins, de-coupling login and username and using a non-standard table prefix.
All this is SOP on any non-development WP installation and mitigates 99.999% of the standard attacks on WordPress. That, and not showering your install with tons of plugin-bloat perhaps.
WordPress is a system for quickly cobbling together a high functionality website and for that it is excellent. But you have to know your basics about PHP and the LAMP stack, otherwise you have no business setting up a WP installation and are way better off getting one at wordpress.com or some other apphoster for WP. Which, btw., is a perfectly viable option if you've got your hands full maintaining a Linux distro and couldn't
The Linux Mint people screwed up and perhaps even compromised some boxes that have yesterday's fake ISOs installed on them. They didn't do their homework in terms of basic web-security and this is not the fault of WP or PHP.
I hope they learn their lesson.
We suffer more in our imagination than in reality. - Seneca