An unknown hacker temporarily took control of the GitHub account of the Gentoo Linux organization and embedded malicious code, intended to delete user files, inside the operating system's distributions.

Thankfully, the malicious code fails to trigger properly and users' files remain safe.

How the hacker gained access to Gentoo's GitHub account remains a mystery. Since announcing the hack late last night, the Gentoo team says it has regained control of the account, although its profile remained offline at the time of this article's publication.

Hack affected only GitHub account, not Gentoo servers

The hack took place at approximately 20:20 UTC, June 28, and only affected the organization's GitHub account, not its core infrastructure and associated files, which are hosted on different servers.

"This does NOT affect any code hosted on the Gentoo infrastructure," a Gentoo spokesperson said. "Since the master Gentoo ebuild repository is hosted on our own infrastructure and since GitHub is only a mirror for it, you are fine as long as you are using rsync or webrsync from gentoo.org."

On the Gentoo mailing list, Gentoo dev Francisco Blas Izquierdo Riera says the hacker "has among other things replaced the portage and musl-dev trees with malicious versions of the ebuilds."

The Gentoo team is still investigating the extent of the hack, so it's unclear if anything else besides the file-wiping malware was included.

As a precaution, users and organizations who downloaded Gentoo Linux images from the GitHub mirror are advised to restore the OS to a previous point, if they have backup images, or reinstall it from scratch.
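To apply the spokesperson's criterion to a given machine, the following added example (not code from Gentoo or from this article) reads Portage `repos.conf` text and reports whether each repository's `sync-uri` points at Gentoo's own infrastructure or at the GitHub mirror. It assumes the mirror lives under `github.com/gentoo`; the repository names and URIs in the sample are constructed.

```python
import configparser
import sys
from urllib.parse import urlparse

# Constructed sample repos.conf; repository names and URIs are illustrative.
SAMPLE = """\
[DEFAULT]
main-repo = gentoo

[gentoo]
sync-type = rsync
sync-uri = rsync://rsync.gentoo.org/gentoo-portage

[tree-from-mirror]
sync-type = git
sync-uri = https://github.com/gentoo/example-tree.git

[overlay-ssh]
sync-type = git
sync-uri = git@github.com:Gentoo/example-overlay.git
"""

def split_uri(uri):
    """Return (host, path) for URL-style and scp-style (user@host:path) URIs."""
    if "://" in uri:
        parsed = urlparse(uri)
        return (parsed.hostname or "").lower(), parsed.path.lstrip("/")
    host, _, path = uri.partition(":")
    return host.rsplit("@", 1)[-1].lower(), path.lstrip("/")

def classify(text):
    """Map each repository section to where its sync-uri points."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.read_string(text)
    verdicts = {}
    for name in cp.sections():
        uri = cp.get(name, "sync-uri", fallback="").strip()
        host, path = split_uri(uri)
        owner = path.split("/")[0].lower()
        if not uri:
            verdicts[name] = "no-sync-uri"
        elif host == "github.com" and owner == "gentoo":
            verdicts[name] = "github-mirror"   # assumed path of the affected account
        elif host == "gentoo.org" or host.endswith(".gentoo.org"):
            verdicts[name] = "gentoo-infra"    # exact domain or a subdomain only
        else:
            verdicts[name] = "other"
    return verdicts

if __name__ == "__main__":
    # Pass repos.conf file paths as arguments; with none, the sample is used.
    texts = [open(p).read() for p in sys.argv[1:]] or [SAMPLE]
    for text in texts:
        for repo, verdict in classify(text).items():
            print(f"{repo}: {verdict}")
```

A `github-mirror` verdict shows only the configured source; whether that repository was actually synced while the account was compromised has to be established from the machine's own sync history.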

This is not the first time that a compromise of a GitHub account has led to problems. Earlier this month, hackers breached the GitHub account of the Syscoin cryptocurrency team and also poisoned official apps with malware.