The Linux distributive Mint has been attacked by hackers who created a modified Linux Mint ISO. This might pose a threat to the bitcoin ecosystem because the platform is popular among miners.

The compromised version is Linux Mint 17.3 Cinnamon edition. After the distributive website was hacked, whoever visited the site was redirected to the modified download pack with a backdoor, wrote the project’s founder Clement Lefebvre on the company’s blog.

The hacked ISO contained a Tsunami Trojan, which gave the hackers access to private data of the affected users. For the bitcoin community it is the more relevant as both miners and wallet holders are often reported to store their access data in plaintext configuration files.

Later on Lefebvre called for all users of the Linux Mint to change their passwords. It turned out later that Linux forums’ database had been compromised as well. 

The developer also urged all forum users to change passwords to all popular websites, starting with their emails. He noted that this was just a precaution, but still retaining the same password would be risky: “Although the passwords cannot be decrypted, they can be brute-forced (found by trial) if they are simple enough or guessed if they relate to personal information.”

Apparently, no other versions of the Linux Mint platform was affected, nor was any harm done to the users who downloaded the 17.3 Cinnamon edition via torrents or via the direct HTTP link. The Linux Mint website is currently offline.

Opinions have been expressed that this attack was committed by inexperienced hackers. The virus they used was primitive and couldn’t do much harm, writes the Russian software security expert SecurityLab.

Linux Mint is a distributive based on and compatible with Ubuntu. Mint provides a cryptocurrency wallet which is reasonably popular among the bitcoin community.


Andrew Levich