. home.aspx

NEWS

home.aspx
   


Gentoo Publishes Incident Report After GitHub Hack

July 05, 2018 / Eduard Kovacs

Maintainers of the Gentoo Linux distribution published an incident report on Wednesday after someone hijacked one of the organization’s GitHub accounts and planted malicious code. The attack started on June 28 and the hacker (or hackers) not only changed content in compromised repositories, but also locked out Gentoo developers from the targeted GitHub account. This made the attack “loud” – Gentoo believes the hackers could have maintained access longer had they been quieter. GitHub could not be used by Gentoo for a total of five days as a result of the incident. The breach also led to a disruption of the Gentoo Proxy Maintainers Project as it uses GitHub to submit pull requests, and all past pull requests were disconnected from their original commits. The attacker also attempted to wipe users’ files by adding “rm-rf” to some repositories, but Gentoo believes this method was unlikely to work due to “various technical guards.” The Gi...