Jump to content

Gentoo Github Hacked

rcmaehl
 Share
Posted

Source: Gentoo

 

Quote:

Quote

Today 28 June at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization

 

Summary:
It appears the Gentoo github was compromised by an unknown person. While repos were not affected if you were thinking about installing Gentoo... don't do it through the github. The assailant has edited the gentoo github to contain various explicit words and phrases and the github is still affected as of this post.

 

My Own Opinion:
I personally wonder if this was in light of a recent github exploit as seen here or if it was just a simple case of a reused password that was leaked. Anyway the Joke is supposed to be "Install" Gentoo, not "Hack" Gentoo.

PLEASE QUOTE ME IF YOU ARE REPLYING TO ME

Desktop Build: Ryzen 7 2700X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 48GB Corsair DDR4 @ 3000MHz, RX5700 XT 8GB Sapphire Nitro+, Benq XL2730 1440p 144Hz FS

42U Server Rack: ISP Modem + UDM-SE + APC 3kVA UPS + 3x Dell Precision 5820 + TBD

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor


 

Link to comment
https://linustechtips.com/topic/942472-gentoo-github-hacked/
Share on other sites
Link to post
Share on other sites
Posted

should have moved to gitlab

One day I will be able to play Monster Hunter Frontier in French/Italian/English on my PC, it's just a matter of time... 4 5 6 7 8 9 12 years later: It's finally coming!!! I don't care anymore

Phones: iPhone 4S/SE | LG V10 | Lumia 920 | Samsung S24 Ultra

Laptops: Macbook Pro 15" (mid-2012) | Compaq Presario V6000

Other: Steam Deck

<>EVs are bad, they kill the planet and remove freedoms too some/<>

Link to comment
https://linustechtips.com/topic/942472-gentoo-github-hacked/#findComment-11486905
Share on other sites
Link to post
Share on other sites
Posted
  • Author

Adding update:

The added code on github was basically an sudo rm -rf / --no-preserve-root. [Source] It appears the github repos has now been deleted/hidden by github. 

PLEASE QUOTE ME IF YOU ARE REPLYING TO ME

Desktop Build: Ryzen 7 2700X @ 4.0GHz, AsRock Fatal1ty X370 Professional Gaming, 48GB Corsair DDR4 @ 3000MHz, RX5700 XT 8GB Sapphire Nitro+, Benq XL2730 1440p 144Hz FS

42U Server Rack: ISP Modem + UDM-SE + APC 3kVA UPS + 3x Dell Precision 5820 + TBD

Retro Build: Intel Pentium III @ 500 MHz, Dell Optiplex G1 Full AT Tower, 768MB SDRAM @ 133MHz, Integrated Graphics, Generic 1024x768 60Hz Monitor


 

Link to comment
https://linustechtips.com/topic/942472-gentoo-github-hacked/#findComment-11487868
Share on other sites
Link to post
Share on other sites
Posted
21 hours ago, Granular said:

Well, that's a black mark against the dev team.

How so? Nothing got compromised on the dev end. All of the signing keys are all intact so anyone validating signatures (which if you're using gentoo you should *really* be doing) are fine. Anyone using the official repositories are fine.

 

This makes me chuckle a bit solely because of the coincidence of it. Microsoft buys GitHub and then a couple weeks later the Gentoo account gets hacked xD Probably a total coincidence but still funny in my mind.

 

On 2018-06-28 at 6:07 PM, rcmaehl said:

My Own Opinion:

I personally wonder if this was in light of a recent github exploit as seen here or if it was just a simple case of a reused password that was leaked. Anyway the Joke is supposed to be "Install" Gentoo, not "Hack" Gentoo.

Honestly it's most likely just a social engineering thing. Gentoo being a mostly community driven project it probably wouldn't be very hard for a potential attacker to convince GitHub that theyre newly responsible for the GitHub page and nobody told them the password. Can I get a password reset please?

Link to comment
https://linustechtips.com/topic/942472-gentoo-github-hacked/#findComment-11490515
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×