[OT] Hackers break into Linux kernel home
blchupin at iinet.net.au
Fri Sep 2 06:08:08 UTC 2011
*MULTIPLE SERVERS* that are part of the Linux kernel.org infrastructure
were affected during a recent intrusion where attackers managed to gain
root access and plant Trojan scripts.
According to an email sent out to the community
<http://pastebin.com/i4LFsQPW> by kernel.org chief administrator John
Hawley, known as warthog9, the incident started with the compromise of a
server referred to as Hera. The personal colocated machine of Linux
developer H Peter Anvin (HPA) and additional kernel.org systems were
"Upon some investigation there are a couple of kernel.org boxes,
specifically hera and odin1, with potential pre-cursors on demeter2,
zeus1 and zeus2, that have been hit by this," Hawley wrote.
The intrusion was discovered on 28 August and according to preliminary
findings attackers gained access by using a set of compromised
credentials. They then elevated their privileges to root by exploiting a
zero-day vulnerability that the kernel.org administrators have yet to
Bob Hope's wife: "Where would like to be buried when you die?"
Bob Hope : "Why don't you surprise me!"
More information about the ubuntu-users