The Register® — Biting the hand that feeds IT

Feeds

Linux.com pwned in fresh round of cyber break-ins

Penguin brigade in a flap after latest compromise

By Brid-Aine Parnell, 12th September 2011
  • print
  • alert

Cloud storage: Lower cost and increase uptime

Just a month after kernel.org - the nerve centre of Linux kernel development - fell victim to a malware attack, the Penguinista community is reeling from another bout of security breaches.

"Linux Foundation infrastructure including LinuxFoundation.org, Linux.com and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011," the holding page on the sites says. "We believe this breach was connected to the intrusion on kernel.org."

Last month, a trojan was discovered on the PC of one of the kernel's developers and was later spotted lurking on kernel.org servers. The malware had gained root access, modified system software and logged passwords and transactions of the servers' users. The attack started on August 12th but wasn't discovered until the 28th, and the kernel.org site is still "down for maintenance".

The Linux Foundation is checking over its systems, and it remains cautious about how much information the hackers may have got their hands on, advising people that their passwords and SSH keys might be compromised.

"If you have reused these passwords on other sites, please change them immediately," the holding page urges.

The official Linux Foundation Twitter feed says that it is "working around the clock to investigate and resolve" the issue and that it will issue updates when it has them. ®

Customer Success Testimonial: Recovery is Everything

COMMENTS

House Rules Send Corrections
All Reader Comments (51)
Highly Rated
Anonymous Coward
Anonymous Coward
Reply Icon

@Captain Scarlet

I think AC101's point was that whenever there is a security problem with a Windows based system, a certain subset of the FOSS brigade whoop and holler about MS being rubbish at security, despite the problem usually being with the configuration of the compromised system. They also tend to suggest that while MS is the worst thing ever, Linux is the best thing ever.

Clearly this problem is with configuration/implementation of the security on the Linux systems involved, probably with a little user complacency thrown in for good measure and not a fundamental problem with the quality of Linux. I hope that everyone remembers that when commenting...

24
2
Anonymous Coward
Anonymous Coward

shouldda used

BSD

19
0
Anonymous Coward 101

That's what happens when you use Micro$oft

Oh, wait...

20
5

More from The Register

Interwebs taunt Sir Jony over Apple eye candy makeover
Hey Ive, Ive... add more unicorns, willya?
79
Apple: iOS7 dayglo Barbie makeover is UNFINISHED - report
Plus: You don't like the icons? Blame marketing
104
Red Hat to ditch MySQL for MariaDB in RHEL 7
So long, Oracle! Don't let the door hit you on the way out
61
Java EE 7 melds HTML5 with enterprise apps
New release arrives with GlassFish, NetBeans support
12
breaking news
'Office Facebook' firm Tibbr wants you to PAY for mobe-meetings app
Great idea. Punters won't cough for it though
9
SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
97
breaking news
The only Waze is Google: Ad giant tipped to gobble map app 'for $1.3bn'
Pac-Man-satnav-ish upstart in bidding war with Apple, Facebook
16
breaking news
PM Cameron calls for modern, programmable computers! (We think)
IT education musings to G8 chiefs to mystify IT industry
105
Apple at WWDC: Sleek new iOS, death of the big cats, pint-sized Mac Pro
CEO Cook: 'The biggest change to iOS since the introduction of the iPhone'
151
Chrome and Firefox are planet-wreckers, IE cuddles dolphins
Microsoft-commissioned study finds IE sucks less power than rival browsers
98