File-Wiping Malware Placed Inside Gentoo Linux Code After GitHub Account Hack

Posted on Jun 29, 2018

An unknown hacker temporarily took control of the GitHub account of the Gentoo Linux organization and embedded malicious code inside the operating system’s distributions that would delete user files. Thankfully, the malicious code fails to trigger properly and users’ files remain safe. How the hacker gained access to Gentoo’s GitHub account remains a mystery, but since announcing the hack late last night, the Gentoo team says it has regained control of the account, although its profile remained offline at the time of this article’s publication.

The hack took place at approximately 20:20 UTC on June 28 and affected only the organization’s GitHub account, not its core infrastructure and associated files, which are hosted on different servers. The Gentoo team is still investigating the extent of the hack, so it’s unclear whether anything besides the file-wiping malware was included. As a precaution, users and organizations who downloaded Gentoo Linux images from the GitHub mirror are advised to restore the OS to a previous point, if they have backup images, or reinstall it from scratch.

Source: bleepingcomputer.com