February 21st 2016

On 20th February 2016, Linux Mint was hacked and malware was planted in an official software update.

What’s interesting about this is how the attackers might have compromised the website and how they could change the OS ISO download, but not the MD5 hash(verify download). Linux Mint is one of the most popular linux distribution which begs the question, how did hackers manage to accomplish this feat, without community detecting straight away from the hashes.

This could mean that other popular OSes such as Windows or other Linux distros could also be compromised, except by also changing the hashes too.