fbpx

Gentoo Linux Hacked, GitHub Code Compromised with Malware

LinuxBytes: Some mysterious unknown hackers hacked the GitHub account of the popular Linux Distribution Gentoo and infected the code with malware.

Gentoo Linux, the popular and most versatile free Linux distribution has been compromised with malware. Gentoo Linux has a good learning curve as it needs you to build everything yourself by downloading and compiling the source code on your own. You can get the source code from its Git repository.

But unfortunately, the Gentoo Git repository is now infected with malicious code. This incident happened on June 28 and the developers immediately posted an update about the breach. Here is what the update reads:

Today 28 June at approximately 20:20 UTC unknown individuals have gained
control of the Github Gentoo organization, and modified the content of
repositories as well as pages there. We are still working to determine the
exact extent and to regain control of the organization and its
repositories.

All Gentoo code hosted on github should for the moment be considered
compromised.

However, the good news is that code hosted on Gentoo’s master infrastructure is safe as it is hosted on company’s own infrastructure and the code hosted on GitHub is just a mirror. So you can download Gentoo from the official site at gentoo.org.

Since the master Gentoo ebuild repository is hosted on our
own infrastructure and since Github is only a mirror for it, you are fine
as long as you are using rsync or webrsync from gentoo.org.

Also, the gentoo-mirror repositories including metadata are hosted under a
separate Github organization and likely not affected as well.

All Gentoo commits are signed, and you should verify the integrity of the
signatures when using git.

So this isn’t a permanent damage of code for the Gentoo Linux and developers promised that things can get back soon as Infrastructure team have identified the ingress point, and locked out the compromised account,” They also posted that all of these repositories are being “reset back to a known good state.”

Was this post helpful?

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Gentoo Linux Hacked, GitHub Code Compromised with Malware

by LinuxFlips time to read: 1 min
0