Today, an important update has come from Clement Lefebvre, the leader of the Linux Mint project for the users of the Linux Mint OS. According to this update, the servers where the Linux Mint website is hosted have been hacked and the download links for ISOs are compromised.
Linux Mint OS website hacked
As per the important update, a group of hackers hacked the Linux Mint OS and modified it with a backdoor. Using this, the hackers could also hack into the Linux Mint website; after which they compromised the download links to trick users into downloading the malicious ISO image.
Clement Lefebvre made the announcement on the official blog,
“I’m sorry I have to come with bad news. We were exposed to an intrusion today. It was brief and it shouldn’t impact many people, but if it impacts you, it’s very important you read the information below,”
He further mentioned about the danger this incident may have caused;
“As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon edition. If you downloaded another release or another edition, this does not affect you. If you downloaded via torrents or via a direct HTTP link, this doesn’t affect you either. Finally, the situation happened today, so it should only impact people who downloaded this edition on February 20th.”
If you have downloaded the compromised version of Linux Mint ISO
In case you have downloaded the compromised version of the ISO, then Clement Lefebvre has also given the fix for it.
Fist of all, delete the ISO. If you have burnt it to DVD, don’t use the disc again. In case you have burnt it to USB, you need to format the USB. In case you have installed the Linux Mint ISO on your PC, then follow these steps.
- Put the computer offline.
- Backup your personal data, if any.
- Reinstall the OS or format the partition.
- Change your passwords for sensitive websites (for your email in particular).
As per Clement Lefebvre’s announcement, only the 17.3 Cinnamon edition has been compromised. Currently not everything is all right and they had taken the server down to fix the issues. It is recommended that affected users must disconnect their computers from the Internet as soon as possible, wipe the disk drive and change all of their passwords. Besides, in case you are affected due to compromised Linux Mint ISO, inform the leaders on this website.
And…. this was probably the indirect work of Microsoft. They don’t like it when you look for alternatives to their products. I can hear them say
You seems to be very harsh on Microsoft 🙂
Yes, with most industry website OS usage trackers saying Linux Mint appears to be used by roughly 650,000 devices, whereas underlying Ubuntu is on like 30 million devices and Ubuntu has no trouble(?), one could hardly make Microsoft a prime suspect.
Thanks for this story; I use Linux Mint on ultra-fast USB full installs, and keep one on a slightly slower USB as “live” (with installer)…I just downloaded some 17.2 and 17.3 last Thursday (I’m writing this on 17.3), and it’s good to know it shouldn’t be affected. One thing though…on a 16GB stick, you’d think I’d have more like 8 or 9 GB free space after usual install/usual cleanouts including residuals via synaptic manager, but my new 17.3 right away after that had only 5.4GB free space, and I can’t figure why; the 17.2 I also downloaded gave the usual free space after install. I wonder if it’s normal to need 3 or 4 GB space more than 17.2 for 17.3, or could that be a sign of trouble even though I downloaded on February 18? That may best be answered by Mr. Lefebvre; thanks again, cheers!