Linux Mint ISO Compromised with Backdoor

A post on the Linux Mint blog has announced that it has detected a security breach that occurred sometime on Saturday 20 February, possibly meaning that anyone downloading a Linux Mint ISO could have inadvertently downloaded a corrupt edition.

The problem appears to be that hackers gained access to the Linux Mint servers and redirected the download links for Linux Mint 17.3 Cinnamon edition to a compromised version with a backdoor installed.

The blog points out that this is only relevant to downloads of version 17.3 cinnamon editions from the site on Saturday. Any downloads of Linux Mint from any other location or site will not be affected. Similarly, any other versions of Linux Mint downloaded from the Linux Mint site are not affected by the backdoor compromise.

If you did download a Linux Mint 17.3 Cinnamon edition ISO from the Linux Mint web site on Saturday, the blog suggests that you delete the ISO file on any media you might have stored it on, such as CDs or memory sticks. If you have already installed the ISO then Linux Mint recommend to disconnect your PC from the Internet, back up your personal files, and install an un-compromised operating system.

If you have it installed on a secondary partition, you can wipe that partition entirely instead. You should also change your login passwords for any important websites or services you use.

Image Credit: Balefire / Shutterstock