Cyber-Criminals Attack Linux Cache
According to the Linux Kernel Organization, cyber-criminals attacked the Linux operating system, infected it with malicious software to gain root access, modified applications, and logged passwords and recorded transactions of individuals using the OS, The Register reported on August 31, 2011.
Security investigations are ongoing, and Kernel.org is making sure that all 448 users of its website change their SSH keys and passwords.
Fortunately, it seems there is nothing to worry about regarding Linux's source code.
Meanwhile, the site's administrators posted on Kernel.org that the damage from cracking kernel.org would be much smaller than from cracking standard software repositories. That is because kernel development takes place using Git, the distributed revision control system designed by Linus Torvalds, the administrators noted. Computing.co.uk published this on September 1, 2011.
The posting further explained that for each of the Linux kernel's almost 40,000 files, a cryptographically secure SHA-1 hash is computed that uniquely identifies the exact contents of that file. Git is designed so that the name of every kernel version depends on the entire development history leading up to that version. Moreover, once a version is published, it is no longer possible to alter earlier versions without it being noticed, the posting added.
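The property the posting describes can be reproduced with Git's object format. The following Python is an added example, not code from kernel.org or from the article; the file names, file contents and author line are constructed, and only flat directories of regular files are handled.

```python
import hashlib

# Constructed author/committer line (identity and timestamp are made up).
WHO = "Example Dev <dev@example.org> 1314748800 +0000"

def object_id(kind, body):
    """Git names an object by SHA-1 over '<kind> <size>\\0' + body."""
    return hashlib.sha1(f"{kind} {len(body)}\0".encode() + body).hexdigest()

def blob_id(content):
    return object_id("blob", content)

def tree_id(files):
    """Flat directory of regular files: entries sorted by name, each
    'mode name\\0' followed by the raw 20-byte blob id."""
    body = b"".join(
        b"100644 " + name.encode() + b"\0" + bytes.fromhex(blob_id(data))
        for name, data in sorted(files.items()))
    return object_id("tree", body)

def commit_id(tree, parent, message):
    """A commit covers its tree and its parent's id, so it covers all history."""
    lines = [f"tree {tree}"]
    if parent:
        lines.append(f"parent {parent}")
    lines += [f"author {WHO}", f"committer {WHO}", "", message]
    return object_id("commit", ("\n".join(lines) + "\n").encode())

def history_ids(snapshots):
    """Return the commit id of every version in a linear history."""
    ids, parent = [], None
    for files, message in snapshots:
        parent = commit_id(tree_id(files), parent, message)
        ids.append(parent)
    return ids

# Constructed three-version history of a tiny source tree.
GENUINE = [
    ({"Makefile": b"VERSION = 1\n", "main.c": b"int main(void) { return 0; }\n"}, "v1"),
    ({"Makefile": b"VERSION = 2\n", "main.c": b"int main(void) { return 0; }\n"}, "v2"),
    ({"Makefile": b"VERSION = 3\n", "main.c": b"int main(void) { return 0; }\n"}, "v3"),
]
# Same history, except that the oldest version's main.c was altered after the fact.
TAMPERED = [({**GENUINE[0][0], "main.c": b"int main(void) { return 1; }\n"}, "v1")] + GENUINE[1:]

if __name__ == "__main__":
    for good, bad in zip(history_ids(GENUINE), history_ids(TAMPERED)):
        print(good, bad, "MATCH" if good == bad else "MISMATCH")
```

Versions 2 and 3 contain byte-identical files in both histories, yet every commit id differs, because each id covers the id of its parent.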
Furthermore, on August 22, 2011, an e-mail from chief administrator John "Warthog9" Hawley to developers stated that a Trojan had been discovered on the PC of kernel developer H Peter Anvin and later on kernel.org's Odin1 and Hera servers. Subsequently, a secure shell (SSH) client used for remote access to servers was modified, and passwords and user activity were logged during the period of the compromise.
Additionally, the administrators posted that because the files are also distributed among several outside kernel developers and end-users, any malicious alteration would be sure to be noticed whenever updates were made.
However, the hijacked web-servers are now offline, while backups and re-installations are being done. Also, while the investigation continues, installation of the program is being discouraged, while exhibition of the /dev/mem memo is being suggested.
» SPAMfighter News - 12-09-2011