Gentoo Linux’s GitHub account was reportedly hacked by an unknown group potentially having its repositories compromised to spread malicious versions of files.
In a statement released on their website, Gentoo warned the public to refrain from using the code that came from their GitHub account specifically last June 28th. According to the company, cybercriminals managed to gain control over their GitHub account in the evening of June 28th. The people behind this attack “modified the content of repositories as well as pages there.”
Gentoo is known for its free Linux or FreeBSD-based operating systems that make use of Portage technology.
In an attempt not to cause panic and probably as part of the company’s damage control, Gentoo assured their users that only their GitHub account has been compromised. Their official site and other mirror download servers remain under their control. Gentoo users may just verify that they are still using rsync or webrsync from their official site – gentoo.org. That should still be secured.
In their latest advisory, Gentoo announced that they have regained control to the compromised account. However, they are still working with GitHub, most likely to do an incident report and further investigate the extent of the breach. The company recommend avoiding using their GitHub repository while the investigation is on-going.
Nowadays, the possibility of getting hacked is inevitable. As American public servant Robert Mueller puts it, “There are only two types of companies: those that have been hacked and those that will be.”
Another interesting statement that relates to Mueller’s line came from American businessman John T. Chambers who went on saying, “There are two types of companies: those that have been hacked, and those who don’t know they have been hacked.”
What happened to Gentoo can basically happen to anyone. It’s just a matter of time. But, if your company is prepared for it, then damage limitation is a great methodology to have in ones arsenal.