On 20 February, a hacker managed to break into Linux mint and upload a virus to computers of hundreds of users by attaching it to ‘Linux Mint 17.3 Cinnamon edition’ package. Security experts say this hack was a result of Linux’s insufficient and negligent project management.
The hacker, calling himself Peace, took over control of Linux Mint, changed the OS’ download website and added a back-door virus ‘Tsunami’ to the download files. This gave him access to systems of hundreds of Linux users. The same hacker hacked into Linux Mint user forum twice and created a copy of the user database containing e-mail addresses, dates of birth, photos attached to their accounts and passwords. This data is currently sold on the so-called darknet for USD 85, as reported by eScan, which provides security solutions for PCs, smart-phones, tablets and servers.
«Responsibility for this incident should be taken by the administrator team of Linux Mint. Nevertheless, the package is to blame as well. The Linux Mint package based on Ubuntu is very popular among Linux users. This package is also aimed at the less tech-literate users who wish to work in a comfortable and familiar environment. Linux Mint security mechanism is flawed because users who wish to update their system have to manually set up automatic updates. Ubuntu users, on the other hand, receive updates automatically,» – experts say.
«Regardless which OS you use – Microsoft Windows or Linux – the system cannot function properly without regular updates. In addition, lack of timely security updates puts the system at an ever increasing risk,» – notes eScan representative in Baltic States, Baltimax manager Sergei Romanovskis.
Security experts also point to other Linux packages that are not sufficiently protected – Elementary and Solus Project. According to eScan representatives, Linux should pay more attention to their new projects and demo versions. It is also advised not to advertise them as operating systems that are stable, secure and ready for distribution.
«It is time we forgot the myth that Linux or Mac operating systems are secure against virus or hacker attacks. Users of these platforms should consider additional security measures and use appropriate antivirus programmes,» – adds Romanovskis.
Linux representatives note that the hacker attack may have impacted more than just Linux Mint users who had downloaded Cinnamon package. Users affected by the attack are recommended to delete the damaged Linux Mint installation file ISO as soon as possible. Data storage devices carrying copies of this file should be formatted.
If the ISO is installed, the computer should be disconnected from the Internet. Users should create reserve copies of any private documents, format partitions and perform a fresh install of the OS. Security experts also recommend changing passwords to any important Internet websites, including e-mail services and social networks.