Gentoo GitHub mirror hacked and considered compromised

Ebuilds were replaced by attacker with ones intended to delete every file, which thankfully failed to work as intended.
Written by Chris Duckett, Contributor

Linux distribution Gentoo has had its GitHub mirror broken into and taken over, with GitHub pages changed and ebuilds replaced.

In an alert, Gentoo said the attacker gained control of the Github Gentoo organisation at June 28, 20:20 UTC.

"All Gentoo code hosted on github should for the moment be considered compromised," the alert said.

Gentoo said its own infrastructure was considered safe, and users should be OK if they rsync or webrsync from gentoo.org.

A post on the gentoo-dev list said the attacker replaced portage and musl-dev trees with ebuilds that would try to remove all the files on a user's system.

"Whilst the malicious code shouldn't work as is and GitHub has now removed the organisation, please don't use any ebuild from the GitHub mirror obtained before 28/06/2018, 18:00 GMT until new warning," Gentoo developer Francisco Blas Izquierdo Riera wrote.

The distribution is yet to provide any details on how the attack happened.

Gentoo is used as a base for Google's Chrome OS.

Related Coverage

Supercomputers: All Linux, all the time

The latest TOP500 Supercomputer list is out. What's not surprising is that Linux runs on every last one of the world's fastest supercomputers. What is surprising is that GPUs, not CPUs, now power most of supercomputers' speed.

Google doubles down on Linux and open source

Google is joining The Linux Foundation as a Platinum member. Google executive Sarah Novotny will become a Linux Foundation board member.

Linux Foundation: Microsoft's GitHub buy is a win for open source

Times have changed, we've all grown up, says the Linux Foundation.

Here are the latest Chrome OS devices that will support Linux apps (TechRepublic)

Owners of recent Chromebooks and Chromeboxes will be able to use Google's Crostini system to run Linux apps on their devices.

Devuan 2.0 is a Debian fork for Linux users who want to avoid systemd (TechRepublic)

While most mainstream Linux distributions have adopted Red Hat's systemd init system, the Devuan distribution caters to holdouts.

Editorial standards