Linux Mint ISO Embedded with Backdoor

 

Linux Mint ISO Download With a Backdoor

If you attempted to download Linux Mint on Saturday, February 20th, then you could be the victim of malicious software. According to CSO Online, Linux Mint’s website was compromised and links were changed so users would install an ISO containing a backdoor. The forums were also compromised.

Zack Whittaker from CSO Online
ZD Net, through an encrypted chat, spoke with the hacker, who goes by the name Peace. The hacker stated he stole an entire copy of the forum twice: once on 1/28 and again on 2/18. He also listed a full forum dump on the dark web for $85. The hacker used malware dubbed Tsunami, an easy-to-implement backdoor which, when activated, quietly connects to an IRC server where it waits for commands.

Our Analysis

When downloading any files from the internet, the best recommendation is to use an official source. Unfortunately, in this case, that recommendation would have led you to an unwanted download. If you downloaded the ISO on Saturday, then you should wipe the install and download the ISO again from the Linux Mint website. The infected software was pulled Saturday evening and everything was back in operation by Sunday night. Also, any password that is the same as your forum login needs to be changed immediately. You should also search the database on the site HaveIBeenPwned to see if your account is there.

Info World also has a few tips to identify official downloads.

Other High Profile Breaches:

Experian (includes T-Mobile)
Scottrade
Trump Hotels
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison
Ashley Madison (follow up)



References

CSO Online
ZD Net
Info World


About Scott Entsminger

Scott Entsminger was born and raised in Virginia. He graduated from Radford University with a Bachelor of Science in Criminal Justice. Scott has worked for the Department of Defense since graduating college. He is an expert in Windows Administration, with specific experience in Group Policy and vulnerability remediation. He also has specific experience in Information Assurance (IA) and Cyber Security.

Scott holds the CompTIA Security+ certification. He is always looking to diversify his skillset. Scott is an avid sports fan, particularly baseball. He also is an avid gamer and enjoys learning different skills involving his PC.