Is Linux loose with security?

In response, the Linux Foundation shut down its infrastructure “for maintenance” in the interest of “extreme caution” and security best practices.

“We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information”, according to the foundation’s website.

In response to a question about whether it stores passwords in plaintext, the Linux Foundation said that it did not. “However an attacker with access to stored password would have direct access to conduct a brute force attack…. We encourage you to use extreme caution, as is the case in any security breach, and discontinue the use of that password if you re-use it across other sites”, the foundation said.

The security breach was likely connected to a network intrusion at kernel.org, the foundation said.

Last month, the Linux Kernel Organization discovered that a number of its servers used to maintain and distribute the Linux operating system were infected with malware. An email from John Hawley, chief administrator of kernel.org, said that a trojan was found on the personal machine of kernel developer H. Peter Anvin and later on the organization's servers.
