Linux Community Websites Hacked

Open SourceSecuritySoftwareWorkspace
0 0 7 Comments

Sites including and have been taken offline, following a fresh attack

Several of the Linux community’s key websites have been unavailable since late last week following a security breach discovered on Thursday, according to the Linux Foundation.

The Foundation, a non-profit group created to help fuel the growth of Linux, has taken down, and their subdomains for maintenance following the breach, which it believes to be connected to an attack on in August.

‘Extreme caution’

“The Linux Foundation made this decision in the interest of extreme caution and security best practices,” the Foundation said in a statement on

The Foundation said it was in the process of restoring services as quickly as possible, and advised users to regard passwords and SSH keys used on its sites as having been compromised.

“If you have reused these passwords on other sites, please change them immediately,” the Foundation stated.

The Linux Foundation infrastructure powers various services but doesn’t include the Linux kernel or its code repositories.

The Linux kernel site,, was hacked around the time the popular operating system celebrated its 20th anniversary on 25 August. In a post on the site at the time, the organisation admitted that “a number of servers in the infrastructure were compromised”.


The kernel team took the affected systems offline, backed them up and started to re-install them. It was also planning to re-install all of the servers just to be sure that there was nothing unknown lurking on any other parts of the infrastructure.

There is a check being made of all the code within Git, a revision control system devised by Linus Torvalds who created Linux. The team is also testing the tarballs, composites of archived files, to affirm that nothing has been modified. European and US authorities were notified of the breach.

The recent attacks may actually mean positive publicity for Linux, according to Sophos security researcher Paul Ducklin.

“The ‘Linux is a nothing more than a hobby product’ naysayers will be compelled to admit that the operating system really is part of the Big Time. Why else would be in the sights of cybercrooks?” he wrote on a Sophos blog. “And Linux itself will emerge almost entirely unscathed because if any dodgy changes are found in the codebase, there will be a public record of them getting rolled back and order restored.”

Click to read the authors bio  Click to hide the authors bio