Gentoo GitHub Mirror Hacked - Hackers replaced ebuilds

Linux distribution Gentoo which holds its downloading mirror on GitHub had been hacked and takeover by some unknown hackers. Hackers have changed the GitHub pages and also replace the ebuilds from the repository .

On Thursday, Gentoo made an announcement of the hack and said the attacker gained control of the Github Gentoo organisation at June 28, 20:20 UTC.
"We are still working to determine the exact extent and to regain control of the organization and its repositories. All Gentoo code hosted on GitHub should for the moment be considered compromised."-said Gentoo dev Alec Warner.
"All Gentoo code hosted on github should for the moment be considered compromised,"
It clear that, if you downloaded and installed materials from Gentoo via GitHub, you might be compromised by bringing in malicious code. And until the all clear is given, you should avoid fetching anything from the project's 'hub org account.

Moreover, Warner also noted that  the master copies of its code were tampered with – Gentoo keeps master builds separate from its GitHub-hosted wares on servers that were not hacked. Thus, users can get clean copies of software without much problem via the Gentoo.org website, which is safe.

So users are recommend to clean up their system if they have fetched any files from the GitHub mirror, and they can again get the clean copies from Gentoo official site.

Till yet, Gentoo team have not provided the details about  How hackers managed to gain the repositories.

Post a Comment

With ❤️ Cyber Kendra