Red Hat breached as hackers target Linux servers
The safety of Linux is being questioned after distributor Red Hat admits to being hacked.
Open source software and Linux was shown to be susceptible to hacking after Red Hat issued a critical update following a breach of its servers.
Red Hat Enterprise Linux and Fedora servers were compromised by network attacks, which forced the company to take them offline.
The compromised Fedora server was a system used for signing Fedora packages. Red Hat was confident that the intruder did not compromise the Fedora signing key, but as a precaution it has decided to convert to new ones.
The incidents are currently under investigation, but the hackers do not appear to have corrupted future packages being sent to Red Hat subscribers with malware.
Red Hat also said the intruder was able to sign a small number of Red Hat Enterprise Linux 4 and Red Hat Enterprise 5 OpenSSH packages. As a precaution it released updated versions of these packages, as well as publishing a list of the tampered packages and how to detect them.
Red Hat said of its critical update: "We remain highly confident that our systems and processes prevented the intrusion from compromising Red Hat Network.
"We are issuing this alert primarily for those who may obtain Red hat binary packages via channels other than that of official Red Hat subscribers."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.