Attackers changed the defacement page a few times, they protested against the new Linux kernel developer code of conduct in a regrettable way with
racial slurs and the image of an individual showing the anus.
The defacement page also includes links and a Twitter account (@kitlol5) believed to be under the control of the attacker.
The person who was operating the Twitter account posted a screenshot showing that they had access to the Network Solutions account of Michelle McLagan, who evidently owns linux.org, and modified the DNS
“This evening someone got into my partner’s
one of the Linux.org admins wrote on Reddit.
“She’s working with
The hacker did not access the servers hosting Linux.org and user data were not compromised.
How to prevent this kind of incident?
Administrators should enable multi-factor authentication (MFA) for their account.
“I think it was a combination of public whois info and no MFA that lead to this,” added the Linux.org admin.
“There’s always one thing – they found the weakest link and exploited it.”
After the incident, admins have enabled MFA on all accounts.
(Security Affairs – DNS hijack, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.