Open SourceSecuritySoftwareWorkspace

Linux Community Websites Hacked

0 0 7 Comments

Sites including and have been taken offline, following a fresh attack

Several of the Linux community’s key websites have been unavailable since late last week following a security breach discovered on Thursday, according to the Linux Foundation.

The Foundation, a non-profit group created to help fuel the growth of Linux, has taken down, and their subdomains for maintenance following the breach, which it believes to be connected to an attack on in August.

‘Extreme caution’

“The Linux Foundation made this decision in the interest of extreme caution and security best practices,” the Foundation said in a statement on

The Foundation said it was in the process of restoring services as quickly as possible, and advised users to regard passwords and SSH keys used on its sites as having been compromised.

“If you have reused these passwords on other sites, please change them immediately,” the Foundation stated.

The Linux Foundation infrastructure powers various services but doesn’t include the Linux kernel or its code repositories.

The Linux kernel site,, was hacked around the time the popular operating system celebrated its 20th anniversary on 25 August. In a post on the site at the time, the organisation admitted that “a number of servers in the infrastructure were compromised”.


The kernel team took the affected systems offline, backed them up and started to re-install them. It was also planning to re-install all of the servers just to be sure that there was nothing unknown lurking on any other parts of the infrastructure.

There is a check being made of all the code within Git, a revision control system devised by Linus Torvalds who created Linux. The team is also testing the tarballs, composites of archived files, to affirm that nothing has been modified. European and US authorities were notified of the breach.

The recent attacks may actually mean positive publicity for Linux, according to Sophos security researcher Paul Ducklin.

“The ‘Linux is a nothing more than a hobby product’ naysayers will be compelled to admit that the operating system really is part of the Big Time. Why else would be in the sights of cybercrooks?” he wrote on a Sophos blog. “And Linux itself will emerge almost entirely unscathed because if any dodgy changes are found in the codebase, there will be a public record of them getting rolled back and order restored.”

  1. The Linux community have spent years berating the rest of the world for using unsecure systems, with a particular boast that the Linux apache web software is far more secure than anything else.

    Still got hacked though, just like the rest of the real world !!

    1. @ Mike – the security concerns for Linux is significantly less prevalent than that of Microsoft and Windows desktop and server platforms hacking’s. Where there is a will there is a way and no system is perfect- also, details are still emerging as to how these websites became compromised and it could have been the result of an application and not the actual kernel itself (whereas Windows is generally insecure from ring0 up). Linux and its kernel, as a whole, is exponentially more secure than Windows and its entire platform combined.