Linux community hit by malware attacks

Linux community websites have been taken down following a series of suspected malicious attacks, denting the system’s myth of impenetrability.

The non-profit Linux Foundation has posted a message stating that it, Linux.com and all subdomains have been taken off air while they deal with a security breach.

It is thought that the breach is connected to a previous intrusion on another Linux community site, kernel.org. According to Paul Ducklin at Sophos, the Linux Foundation and Kernel.org are “internet neighbours in the 140.211.169.0/25 network block”.

LinuxFoundation.org has been down since 8 September, a rather substantial time. 

The statement said that site administrators are in the “process of restoring services in a secure manner as quickly as possible”. But for the time being they warn of a need to consider passwords and SSH keys that may have been used on the site.

For those who claim that Linux defences are nigh on unassailable, this is a tad embarrassing.

According to malware expert Graham Cluley, it should come as no great surprise that Linux system security has been breached.

“There has been malware for Linux for a long long time,” he told TechEye, “but many users choose to keep their heads in the sand about it as there is so much malware for Windows in comparison.”

We approached the Linux Foundation to find out if there is any more information available. It told us: “We are continuing to investigate and are doing everything we can to expedite restoring all Linux Foundation domains and will communicate with everyone when they are live. Unfortunately that is all we can say for the time being.”

According to Ducklin at Sophos, the attacks at least mean that Linux is considered prominent enough to be the target of criminal attention, playing down past accusations that Linux is nothing more than a “hobby product”.