Hackers gained access to the GitHub Account of Gentoo Linux and embedded malicious code with ebuild repository that delete’s all the user files.
Gentoo is a free operating system with Precompiled binaries and it is an ideal secure server for development workstation, professional desktop, gaming system, embedded solution.
The incident took place on 28 June at approximately 20:20 UTC and Gentoo regained control by 2018-06-28 23:10 UTC.
According to the company statement, “Gentoo code hosted on GitHub should for the moment be considered compromised.”
Gentoo Linux Hacked
Gentoo says the hack attack not affected the code hosted on the Gentoo infrastructure and the code hosted in the Github is only the mirror.”You are fine as long as you are using rsync or webrsync from gentoo.org.”
Today 28 June at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of repositories as well as pages there. More see link.
— Gentoo Linux (@gentoo) June 28, 2018
Gentoo developer Francisco Blas Izquierdo Riera said the attacker “replaced the portage
and musl-dev trees with malicious versions of the ebuilds that replaces the user’s code.”
Here is the good news, the code doesn’t work as it intended to do. Gentoo-mirror repositories including the metadata hosted under a different account are not affected.
Gentoo asked users to verify the integrity of the signatures when using git.