Linux kernel.org Hacker Arrested After Traffic Stop

So it seems the alleged kernel.org hacker has finally been caught, kinda by accident after being stopped for a traffic violation. It was quite a high-profile hack, especially in the open source community, as anyone downloading kernel files during that period could have theoretically been compromised. It’s unlikely the kernel code was actually…

Read the full post at darknet.org.uk

Feds pin brazen kernel.org intrusion on 27-year-old programmer

Indictment comes five years after mysterious breach of the Linux repository.

In August 2011, multiple servers used to maintain and distribute the Linux operating system kernel were infected with malware that gave an unknown intruder almost unfettered access. Earlier this week, the five-year-old breach investigation got its first big break when federal prosecutors unsealed an indictment accusing a South Florida computer programmer of carrying out the attack.

Donald Ryan Austin, 27, of El Portal, Florida, used login credentials belonging to a Linux Kernel Organization system administrator to install a hard-to-detect backdoor on servers belonging to the organization, according to the document that was unsealed on Monday. The breach was significant because the group manages the network and the website that maintain and distribute the open source OS that's used by millions of corporate and government networks around the world. One of Austin's motives for the intrusion, prosecutors allege, was to "gain access to the software distributed through the www.kernel.org website."

The indictment refers to kernel.org officials P.A. and J.H., who are presumed to be Linux kernel developer H. Peter Anvin and kernel.org Chief System Administrator John "Warthog9" Hawley, respectively. It went on to say that Austin used the credentials to install a class of extremely hard-to-detect malware known as a rootkit and a Trojan that logs the credentials of authorized users who use the secure shell protocol to access an infected computer.

Welcome back, Linux kernel!

Just under a month ago, the official distribution site for the Linux kernel was taken offline following an embarrassing malware incident.

The good news is that kernel.org is back online. It’s not all roses, though.

Apple fakery, DNS hack, DigiNotar, Linux, Wikileaks – 60 Sec Security

Lots of readers said they’d like to see our ‘news-with-a-conscience’ videos more than once a month.

So here you go. 60 Second Security, once every two weeks.

Watch the latest security news in just 60 seconds!

