Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security The Internet

Linux.org's DNS Got Hijacked (linux.org) 62

Linux.org reports: Wednesday afternoon around 5pm EST someone was able to get into the registrar account for our domain and point DNS to another server -- as well as lock us out from changing it. They pointed the domain name to a pretty rude page for most of the evening until Cloudflare stepped in and blocked the domain for us.

After a lot of back and forth with our registrar, we were able to get things back under our control. I'd like to point out that our server environment was not touched so there are no worries about your data. We've gone over security protocols and are tightening things up that may have slipped through in the past. Thanks for your support!

Linux.org apparently pointed to a page exclaiming "G3T 0WNED L1NUX N3RDZ", which also included a NSFW picture, some abusive language, a shout-out to recently-deceased programmer Terry Davis, and a link to an article about Linus Torvalds' controversial apology for "his hostile behavior towards others in the community."

Long-time Slashdot reader Grady Martin says he also saw the page pointing to "presumably doxed info" about the creator of Linux's code of conduct, a fact confirmed by a report in the Register. "As for how it was hacked, [Linux.org owner Mike] McLagan blames the public Whois displaying his partner's email address -- presumably the hacker worked their way into the Yahoo email account listed as the admin of the site and from there requested a password change in her Network Solutions account to gain access to the domain."
This discussion has been archived. No new comments can be posted.

Linux.org's DNS Got Hijacked

Comments Filter:
  • by BlacKSacrificE ( 1089327 ) on Sunday December 09, 2018 @07:36AM (#57774476)

    It took 4 days for the hacking of one of the biggest tech community sites on the internet to land on /.? Really? We gunna see a story about the Falcon 9 water landing next Friday?

    • by Anonymous Coward

      Sorry. My mom grounded me and changed the wifi password.

    • Rei submits anything Musk related immediately.
    • No, it's been discussed a few times.

    • Re: (Score:3, Interesting)

      by AmiMoJo ( 196126 )

      Because someone was doxed it was probably best to wait until they had at least removed that information. Not point amplifying the doxing.

      • Re: (Score:1, Insightful)

        by Anonymous Coward

        I love how they call him the creator of the code of conduct. Apparently copy pasting what some other person created on a feminist wiki is enough to give you creative ownership over a text.

        This is a great standup joke:
        So there was a 1st World white middle-aged man whose only skill was tweeting 16 hours a day and he didn't feel very white because of it since most other whites had skills worth a shit, and he needed a break out. So one day he used transgenderism as a vehicle in hopes of waiving his white privil

    • by thegarbz ( 1787294 ) on Sunday December 09, 2018 @12:08PM (#57775426)

      It took 4 days for the hacking of one of the biggest tech community sites on the internet to land on /.? Really? We gunna see a story about the Falcon 9 water landing next Friday?

      I know right? Record time for Slashdot.

  • Looks like social engineering attacks still work in 2018, and Linux / community is not immune to it. There is no organization or company that can't be fooled if they believe the person/email/account is legit. The email address of high access users is capable of lots of damage even if temporary
  • Yahoo.... (Score:5, Insightful)

    by TFlan91 ( 2615727 ) on Sunday December 09, 2018 @08:20AM (#57774568)

    I'm sorry, if you still have a Yahoo email that controls anything of value, you're an idiot and this is well deserved.

    • Wow, it's almost as bad as having a hotmail account. I mean seriously, it's 2018. A yahoo email address? Did he get it so he could do email push with the iPhone 1?

      • Yahoo
        Hotmail
        Gmail

        Which one really is safer?

        • Yahoo Hotmail Gmail

          Which one really is safer?

          Running a number of Sigs, my experience is that if someone is hacked, the odds that they are using a Yahoo email account is pretty overwhelming.

          It does say something that the creator of Linux's Code of Conduct is using a Yahoo email address. That is the realm of the computer inept, the land of passwords like password1, or 1234567.

          • Re: (Score:2, Informative)

            by AmiMoJo ( 196126 )

            It wasn't author of the CoC's email address that was used for the DNS records, it was the site owner.

            • It wasn't author of the CoC's email address that was used for the DNS records, it was the site owner.

              You are correct. That summary is just plain wrong.

              I am a victim of assuming that there would be some relation between the site referenced and the Slashdot summary. But I should know better.

              Mike McLagan is the administrator of Linux.org. not the owner as described in the summary.

              Michelle McLagan is the owner of Linux.org. Not mentioned anywhere in the summary.

              She - although unnamed - is called "his partner" in the summary. Whether this means Significant Other type partner or business partner is not i

        • Re: (Score:2, Interesting)

          by AmiMoJo ( 196126 )

          Gmail, because it supports really good 2 factor auth. There is even an extra secure mode that blocks some normal Google account use and requires two FIDO keys.

          Hotmail also supports 2 factor via a Microsoft account. Yahoo, I don't know.

      • Might still be better than gmail. I'm so happy keeping mail servers working is no longer a part of my work duties -- "can't send mail to site X" had X = gmail in at least 80% cases, as they invent a standards-defying policy once than a couple of months. And tossing ham into a spam box without a reject to the sender makes gmail unfit for your kid's kindergarten invites, much less some important stuff.

  • NetSol!

    Domain Name: LINUX.ORG
    Registry Domain ID: D2338975-LROR
    Registrar WHOIS Server: whois.networksolutions.com
    Registrar URL: http://www.networksolutions.com/
    Updated Date: 2018-12-07T19:00:36Z
    Creation Date: 1994-05-10T04:00:00Z
    Registry Expiry Date: 2027-05-11T04:00:00Z

  • I just want to give a shout out for Terry Davis, and hope he is working on his TempleOS in the sky. Also, f*ck glow in the dark CIA n1ggers.
  • Verification (Score:5, Interesting)

    by jd ( 1658 ) <imipakNO@SPAMyahoo.com> on Sunday December 09, 2018 @10:06AM (#57774934) Homepage Journal

    DNS hijacking has been a problen in the past, resulting in DNS registrars swearing blind that they'll never again change ownership without verfying ownership over the phone.

    NS obviously broke that rule.

    Easy solution - pull their business license for a year.

  • G3T 0WNED L1NUX N3RDZ

    Why isn't this child being supervised while on the internet?

  • by paulpach ( 798828 ) on Sunday December 09, 2018 @12:08PM (#57775424)

    If you want to see what it looked like, here you go (NSFW) [archive.org]

    Is it wrong that I just laughed for 10 mins?

    The manhunt is on for the owner of that hairy asshole.

  • One day such hack will redirect archive.ubuntu.org (or other) to a repository of hacked updates and millions of linux users will get massively hacked with no hope of cleaning up. As a linux user and admin I hope it won't happen, but I'm surprised it hasn't happened yet.
    • by Anonymous Coward

      Famous computer guy Ken Thompson said in 1984:

      "The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program get

    • by dissy ( 172727 ) on Sunday December 09, 2018 @05:32PM (#57776842)

      One day such hack will redirect archive.ubuntu.org (or other) to a repository of hacked updates and millions of linux users will get massively hacked with no hope of cleaning up.
      As a linux user and admin I hope it won't happen, but I'm surprised it hasn't happened yet.

      This is why the software packages are digitally signed by a key pair that the OS verifies against its keystore.

      Even if archive.ubuntu.org was hijacked and pointed to a web server setup to serve the same package files, the signature wouldn't match if so much as a single bit was changed in the package, and your OS wouldn't install it.

      Hijacking DNS would give the attacker no access what so ever to the real archive.ubuntu.org or whatever machine has their HSM hardware plugged into it, and so no ability to sign packages.

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...