Man Convicted for Hacking Linux Kernel Servers

A man from El Portal, Florida was arrested for gaining unauthorized access to the kernel.org (Linux Kernel) servers. According to the court, the hacker, Ryan Austin, used server credentials that appear to belong to an employee associated with the Linux Organization.

The organization’s network administrators detected the unauthorized login and notified the authorities. The FBI took over the investigation and eventually discovered that Austin had also attempted to modify the servers' configuration files and had installed malware such as rootkits and Trojan horses on a server based in the Bay Area.

The agents behind the investigation eventually followed the tracks of the intrusion, and they led to Ryan Austin, who was arrested on August 28, 2016.

The suspect, Ryan Austin, was indicted and may face a 10-year solitary confinement as well as a fine of $250,000.

Is This The Same Hacker Behind the 2011 Attack?

This is similar to the 2011 kernel.org hack, which resulted in the successful installation of the Phalanx rootkit along with other Trojans able to steal passwords and perform other malicious activities. This time, the hack was largely the same and the cyber-criminal attempted the same actions, suggesting that it may have been Austin who carried out the hack.

There has not been much fuss since this incident happened, apart from the fact that the hack was found half a month later.

What is known from back then is that, according to officials, the attackers had access to several machines that were used to distribute the Linux OS. As a consequence of the hack, the attackers were able to track anyone using these servers and what they did. In addition to the servers Hera and Odin1, the hackers were able to access a senior developer’s personal machines as well. It has not been disclosed to what extent data was stolen, but other computers within the kernel.org network may also have become victims of this attack.

What About The Future?

The good news in this situation is that Linux Kernel has learned from its mistakes, and this time the attacker was caught. However, it remains a mystery whether this was just Austin or whether there were other attackers as well, since multiple computers were attacked. So far, the big question is whether or not this is going to be the end of this type of Trojan and rootkit attack against Linux Kernel. The reality is that with this attack and other attacks, like the Fairware ransomware, Linux is becoming an increasingly bigger target for malware writers, especially when it comes to servers.

Vencislav Krustev

A network administrator and malware researcher at SensorsTechForum with a passion for discovering new shifts and innovations in cyber security. A strong believer in basic education of every user towards online safety.
