THE Gentoo Linux is known to be considered the Linux “Do it yourself”, where you get your hands dirty and build your operational system your way and from scratch. Being considered by many to be one of the fastest distros on the market.
THE Linux Gentoo Organization released an official note on its website this Friday (29), commenting on the hacking of his account on Github, which would have occurred on Thursday (28) at 20:20 (local time), it would have compromised the source codes hosted there and replaced by malware.
She reported that a group of hackers, still unidentified, broke into the Gentoo at the Github and changed the original codes that are trees of the portage and musl-dev by malicious versions of ebuilds, in order to remove the files.
THE ebuild it is a script based bash, where you can do the automated installation (and even compilation) of software on Gentoo Linux.
The developers reassured users, warning that the source code and ISO’s of the system hosted on their website (gentoo.org) were not compromised, but only Github was.
The developer Francisco Blas Izquierdo Rieda, spoke as follows:
“We are still working on determining the exact extent and regaining control of the organization and its repositories. All Gentoo code hosted on Github should, for now, be considered compromised. ”
And he added:
”In addition, the gentoo-mirror repositories, including metadata, are hosted in a separate Github organization and are unlikely to be affected either. All Gentoo commits are signed, and you must verify the integrity of the signatures when using git. ” said the developer.
The Gentoo Linux Organization reported through its site, who has already regained control over his Github account with the help of the company’s support, but who does not advise using it until all the facts are verified.
Our partner channel, O Cara do TI, made a video on the topic, check out:
Now we have to wait and see the next “chapters”.
I hope you enjoyed it, I wait for you until the next opportunity, big hug.