Hackers attack Linux's Kernel.org

Thinq.

IT Pro Portal reveals that Kernel.org is the most important distribution facility for a wide range of Linux-based software, as well as for the Linux kernel itself. According to updates that appeared in the news section of the Web site, the intrusion was first discovered by site administrators on 28 August.

Investigations into the breach have determined that the attacker penetrated the site using a compromised user account. It is likely that the perpetrators exploited the security loops to upgrade the privilege of the compromised account to root level.

The Inquirer says over 400 kernel.org users will be forced to change their credentials and SSH keys as a precaution. The project's security policies will also be reviewed and improved.

This is not the first time that a major open source project has had to deal with such an intrusion.

Last December, Savannah, the collaborative development platform maintained by the Free Software Foundation was taken offline after hackers managed to break in through an SQL injection vulnerability.