Anyone who downloaded Linux Mint 17.3 Cinnamon edition last Saturday has more than likely been compromised by hackers.

Clem Lefebvre, Mint Distro’s creator warned in a blog post that a malicious 3rd party had been found to have hacked the official website and pointed users who wanted to download the open source OS to a modified version that contained an opening that the hackers could exploit. The compromised ISO was said to have been packed with Tsunami botnet malware.


“Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it…What we don’t know is the motivation behind this attack,” said Lefebvre.

The maliciously modified version was only available for a short period of time last Saturday before it was found, but if you happen to be one of the few who downloaded the distro from the official site on the 22nd February, then you should take action urgently. Lefebvre recommends that if you think your machine might be infected you should:

“Delete the ISO. If you burnt it to DVD, trash the disc. If you burnt it to USB, format the stick.

If you installed this ISO on a computer:

  • Put the computer offline.
  • Backup your personal data, if any.
  • Reinstall the OS or format the partition.
  • Change your passwords for sensitive websites (for your email in particular).”

Isn’t it ironic

If, however, you grabbed Mint 17.3 Cinnamon from another source outside of the official website, chances are you’re going to be ok.  Which is ironic, considering that you’d expect the legit vanilla official download site to be the safer option as opposed to torrent downloading.

The official Linux Mint website has also confirmed that its forums database had also been targeted in the hack. Forum users have been directed and urged to change not only their forum logon details, but also any other passwords outside of their usage of Linux related devices and software.

 “If more efforts are made to attack our project and if the goal is to hurt us, we’ll get in touch with authorities and security firms to confront the people behind this,” Lefebvre concluded.