Linux websites have been taken offline after a security breach which is believed to have been connected to the intrusion on kernel.org earlier this month.
The hack was performed on kernel.org sometime in August and it seems that a compromised user account was the hacker’s way in at the time. Kernel.org has remained down ever since and just displays a holding page stating it’s “down for maintenance”.
The Linux Foundation says it’s working on finding a secure fix for the problem but warns site users to change their passwords straight away.
“If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information,” the message on the website read.
It is thought that the latest intrusion was discovered on Thursday and the Linux big-wigs are taking no chances with the prospect of it going any further.
The kernel.org hack was thought to have infected servers with malware which stole user information.
The site was immediately taken down once the intrusion was detected and the Linux Foundation is still working on reinstalling all of the relevant systems and updating security.
The organisation said at the time that they were confident that no real damage had been inflicted during the attack, and were working with 448 users of the site to change their details.
Of the latest attack they said: “The Linux Foundation infrastructure houses a variety of services and programs including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.”
The Linux Foundation is a voluntary project which enables Linux developers to be able to continue working on the software through funding.
On forums, some users argue that the Linux Foundation failed to follow their own advice, proving that they can get hacked just as easily as Windows-based systems.
However, others state that it isn’t the fault of the organisation as the attack was carried out using software, rather than a vulnerability in the kernel.