Linux Mint - recent copies may be vulnerable

paddyrg

http://www.theregister.co.uk/2016/02/21/linux_mint_hacked_malwareinfected_isos_linked_from_official_site/

In short, if you've downloaded Mint recently, and not checked the MD5 (and let's face it, pretty much nobody will have) then your install may be pre-hacked before you installed it.

I'm sure more details will emerge, and it's probably the technical crowd who need to consider this first, but as Mint is so popular on this site, this is a heads-up.

Trumpeter

paddyrg wrote: »

In short, if you've downloaded Mint recently, and not checked the MD5 (and let's face it, pretty much nobody will have) then your install may be pre-hacked before you installed it.

If you haven't checked the MD5 then you probably shouldn't be using it anyway. It's recommended after downloading & before installing & it's a very simple procedure. Why would you not do it??

paddyrg

Trumpeter wrote: »

If you haven't checked the MD5 then you probably shouldn't be using it anyway. It's recommended after downloading & before installing & it's a very simple procedure. Why would you not do it??

I agree to a great extent, but let's face it, some of the questions here show a not terribly technically savvy readership, yet some people urging them to use Linux Mint. They won't know what MD5 is, they'll just run it and it'll work (and if it doesn't, they retry the download).

Oblivion

I phoned MI5 and they are sending me a box of After-Eight. :cool:

henm2

Clem Lefebvre, creator of the Linux Mint distribution has said this only affects only those who downloaded Linux Mint 17.3 Cinnamon edition on February 20,
He said the website was compromised so that the links to official downloads for the "Cinnamon" edition of Linux Mint were replaced with links to modified downloads hosted, it seems, in Bulgaria. The Linux Mint website is now offline.

SnowTiger

Trumpeter wrote: »

If you haven't checked the MD5 then you probably shouldn't be using it anyway. It's recommended after downloading & before installing & it's a very simple procedure. Why would you not do it??

It offers a false sense of security.

http://blog.linuxmint.com/?p=2994:

What happened?

Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it.

Anyone who's able to hack a website and change a link is likely to be able to modify the MD5 signature.

pappa_golf

is this why my mint has a hole in it?

paddyrg

Pappa Golf, love it ;-)

s_b

Wow thats bad and a shame too

Jivesinger

SnowTiger wrote: »

It offers a false sense of security.

http://blog.linuxmint.com/?p=2994:

Anyone who's able to hack a website and change a link is likely to be able to modify the MD5 signature.

Looks like you're correct.

From a purported interview with the hacker here:
http://www.zdnet.com/article/hacker-hundreds-were-tricked-into-installing-linux-mint-backdoor/

The hacker then used their access to the site to change the legitimate checksum -- used to verify the integrity of a file -- on the download page with the checksum of the backdoored version.

"Who the f**k checks those anyway?" the hacker said.