Two more key Linux websites hacked

By Lee Kaelin on September 12, 2011, 3:00 PM

The Linux Foundation discovered security breaches late last week on servers hosting Linux.com and LinuxFoundation.org websites and other Linux related sub-domains.

The attacks are believed to be related to the Kernel.org breaches we reported on at the beginning of the month. As a precaution, the foundation has taken all servers offline while they investigate the intrusions although how they were compromised has not currently been released.

"The Linux Foundation made this decision in the best interest of extreme caution and security best practices," they commented in a statement released on Linux.com.

The non-profit group also took the opportunity to apologize for the inconvenience caused but wanted to reassure visitors they were taking the matter very seriously and hope to resume normal services very soon.

Users of the affected websites have been advised to assume passwords and SSH keys have been compromised and should be changed as soon as possible. "If you have reused these passwords on other sites, please change them immediately," they further commented.

All the server infrastructure of Linux.com, LinuxFundation.org and the services associated with them such as Open Printing, Linux Mark and Foundation events will remain offline while administrators complete reinstallation and verification of its servers.

Linux is increasingly facing attacks from hackers in response to what some will consider the rise in popularity of its operating system. In January, reports that the Fedora Project had been the victim of a hacker surfaced and these latest events are doing little to calm concerns made by its users.

Kernel.org's servers have also remained offline since the security breaches were discovered amid alarming concerns now being voiced in regards to the integrity of Git, its version management system.




User Comments: 5

Got something to say? Post a comment
caravel said:

"Git, its package management system"

Correction: It's a version control system, not a package management system.

Linux is increasingly facing attacks from hackers in response to what some will consider the rise in popularity of its operating system. In January, reports that the Fedora Project had been the victim of a hacker surfaced and these latest events are doing little to calm concerns made by its users.

Linux has always been a target for hackers, Linux based servers included, so this is nothing new. Let's not confuse the typical windows malware problems with the hacking of *nix boxes. What does seem new is the apparent negligence and complacency which caused the kernel.org breach.

Update at a linux.com:

*** UPDATE***

We want to thank you for your questions and your support. We hope this FAQ can help address some of your inquiries.

Q: When will Linux Foundation services, such as events, training and Linux.com be back online?

Our team is working around the clock to restore these important services. We are working with authorities and exercising both extreme caution and diligence. Services will begin coming back online in the coming days and will keep you informed every step of the way.

Q: Were passwords stored in plaintext?

The Linux Foundation does not store passwords in plaintext. However an attacker with access to stored password would have direct access to conduct a brute force attack. An in-depth analysis of direct-access brute forcing, as it relates to password strength, can be read at [link] . We encourage you to use extreme caution, as is the case in any security breach, and discontinue the use of that password if you re-use it across other sites.

Q: Does my Linux.com email address work?

Yes, Linux.com email addresses are working and safe to use.

Q: What do you know about the source of the attack?

We are aggressively investigating the source of the attack. Unfortunately, we can't elaborate on this for the time being.

Q: Is there anything I can do to help?

We want to thank everyone who has expressed their support while we address this breach. We ask you to be patient as we do everything possible to restore services as quickly as possible.

Leeky Leeky said:

That is correct Caravel. That error is wholly my fault.

RH00D RH00D said:

Have no fear, caravel is here!

Guest said:

Ohh system hardening does not work on website, This means any one who downloaded, anything from that webiste or visted him, is INFECTES!!!

jobeard jobeard, TS Ambassador, said:

Ohh system hardening does not work on website, This means any one who downloaded, anything from that webiste or visted him, is INFECTES!!!
Sorry - - just not true. Hardening a system is a concept applicable to every system on the planet and has nothing to do with what is installed or how it is used.

[edit] Of course it's over engineered to block inbound ftp if there is no ftpd (server) on that system, but harden it anyway and you can forget it.[/edit]

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.