Linux Mint website got hacked on 20th of February

The Linux Mint team revealed that, their website got hacked on 20th of february and  download to link of Linux Mint 17.3 was modified to point to a hacked ISO hosted in another server.



Hackers behind this act, modified original linux mint ISO, it is yet unknown that what kind of modification they've made and how it is going to affect Linux Mint user. Then they hosted this ISO files in another server with IP address 5.104.175.212. Then they hacked to into Linux Mint website to for changing download link of Linux Mint 17.3.

Linux Mint team strongly believes that, this hack is only affected Linux Mint 17.3 downloads on 20th of February. Even then, this will not affect those who downloaded installation media through torrents or direct HTTP links.

If you've downloaded ISOs you can confirm it's geninunity using md5 signature given in Linux Mint website. 

If your ISO file is compromised, then Linux Mint team recommends to do the following
  • Delete ISO file immediately
  • If you've burned ISO to DVD, then trash
  • If you've copied it to a pen drive, then format it.
  • If you've installed it on machine, then take your machine offline, change all your passwords, backup your data and format your machine with original ISO
As an immediate action, Linux Mint team has taken their server down and has started investigation on this incident.

Original blog post in this issue can be read in Linux Mint blog.     

Share this